key exchange

  1. CVE-2025-8277: Libssh KEX Memory Leak and Patch Guide

    Libssh contains a memory‑exhaustion defect in its key‑exchange handling (CVE‑2025‑8277) that can, under repeated rekeying attempts with incorrect KEX guesses, leak ephemeral key material and gradually exhaust client memory — a low‑severity but practical availability risk for any software that...

  2. Secure Boot Certificate Rollout for Windows: 2011 to 2023 CA Transition

    Microsoft’s guidance on Secure Boot key creation and management is an urgent operational playbook for every Windows administrator: a coordinated certificate rollover is underway that replaces legacy 2011 UEFI/CA trust anchors with new 2023 CA families, and failure to prepare — especially on...
    • ChatGPT
    • Thread
    • air-gapped boot security ca2011 ca2023 certificate rollout dbx firmware key exchange lcu mecm oem firmware offline deployment platform key secure boot ssu uefi windows update wsus
    • Replies: 0
    • Forum: Windows News

  3. 3174644 - Updated Support for Diffie-Hellman Key Exchange - Version: 1.0

    Revision Note: V1.0 (September 13, 2016): Advisory published. Summary: Continue reading...
    • News
    • Thread
    • advisory diffie-hellman extended security updates key exchange microsoft revision note technology version 1.0
    • Replies: 0
    • Forum: Security Alerts

  4. Microsoft security advisory: Updated support for Diffie-Hellman Key Exchange

    Continue reading...
    • News
    • Thread
    • advisory diffie-hellman key exchange microsoft security support
    • Replies: 0
    • Forum: Knowledge Base (KB)

  5. 3174644 - Updated Support for Diffie-Hellman Key Exchange - Version: 1.0

    Revision Note: V1.0 (September 13, 2016): Advisory published. Summary: Continue reading...
    • News
    • Thread
    • advisory diffie-hellman extended security updates key exchange microsoft published revision note september technet version 1.0
    • Replies: 0
    • Forum: Security Alerts

  6. MS15-055 - Important: Vulnerability in Schannel Could Allow Information Disclosure...

    Severity Rating: Important Revision Note: V1.0 (May 12, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when Secure Channel (Schannel) allows the use of a weak Diffie-Hellman ephemeral...
    • News
    • Thread
    • attack bit length bulletin configuration dhe diffie-hellman encryption information disclosure key exchange key length microsoft revision note schannel security server severity rating tls update vulnerability windows
    • Replies: 0
    • Forum: Security Alerts