A security advisory was published on 11th November 2014 by Microsoft, describing a security threat that may allow arbitrary code execution by hackers. This vulnerability could allow remote code execution, if an attacker sends carefully crafted packets to a Windows server. This issue lies within Microsoft's SChannel implementation, and has been rated as "Critical" by Microsoft, for all the supported releases of Microsoft Windows.
SigningHub runs on a Windows 2012 Server and therefore the official patch has been applied to remove this vulnerability. Anyone running an on-premise instance of SigningHub Enterprise (also called Ascertia Docs until recently) must also apply these fixes see details.