tls

  1. P

    Windows Server Monitoring

    I hope I don't come across as horibly spammy on my third post here but I would like to share some info on a project that I've been working on. I know when it comes to free monitoring solutions we're all basically stuck with Nagios or some sort of Linux based product that is typically ugly and...
    • Phil White
    • Thread
    • .net access control alternatives community device views event manager feedback free software github monitoring open source project report ssl system information tcp/ip technology tls windows server wmi
    • Replies: 2
    • Forum: Windows Server Forums

  2. 3109853 - Update to Improve TLS Session Resumption Interoperability - Version: 1.0

    Revision Note: V1.0 (January 12, 2016): Advisory published. Summary: Microsoft is announcing the availability of an update to improve interoperability between Schannel-based TLS clients and 3rd-party TLS servers that enable RFC5077-based resumption and that send the NewSessionTicket message in...
    • News
    • Thread
    • bug fixes client encryption internet explorer interoperability microsoft edge network patch protocol rfc5077 schannel security server software technical advisory tls update version 1.0 windows wininet
    • Replies: 0
    • Forum: Security Alerts

  3. 3123040 - Inadvertently Disclosed Digital Certificate Could Allow Spoofing - Version: 1.0

    Revision Note: V1.0 (December 8, 2015): Advisory published. Summary: Microsoft is aware of an SSL/TLS digital certificate for *.xboxlive.com for which the private keys were inadvertently disclosed. The certificate could be used in attempts to perform man-in-the-middle attacks. It cannot be used...
    • News
    • Thread
    • advisory certificate cybersecurity digital certificates man-in-the-middle microsoft private keys security security advisory spoofing ssl supported releases technet tls update v1.0 vulnerability windows xbox live
    • Replies: 0
    • Forum: Security Alerts

  4. 3123040 - Inadvertently Disclosed Digital Certificate Could Allow Spoofing - Version: 1.0

    Revision Note: V1.0 (December 8, 2015): Advisory published. Summary: Microsoft is aware of an SSL/TLS digital certificate for *.xboxlive.com for which the private keys were inadvertently disclosed. The certificate could be used in attempts to perform man-in-the-middle attacks. It cannot be used...
    • News
    • Thread
    • 2015 advisory certificate cybersecurity digital certificates man-in-the-middle microsoft private keys revision note security spoofing ssl support technet tls update v1.0 vulnerability windows xbox live
    • Replies: 0
    • Forum: Security Alerts

  5. Update to add RDS support for TLS 1.1 and TLS 1.2 in Windows 7 or Windows Server 2008 R2

    Link Removed
    • News
    • Thread
    • configuration network security rds remote desktop server 2008 support tls tls 1.1 update windows 7
    • Replies: 0
    • Forum: Knowledge Base (KB)

  6. Ending support for the RC4 cipher in Microsoft Edge and Internet Explorer 11

    Today, Microsoft is announcing the end-of-support of the RC4 cipher in Microsoft Edge and Internet Explorer 11. Starting in early 2016, the RC4 cipher will be disabled by-default and will not be used during TLS fallback negotiations. There is consensus across the industry that RC4 is no longer...
    • News
    • Thread
    • attack browser cipher cryptography edge encryption end of support fallback industry consensus internet explorer microsoft rc4 security security advisory support tls user advice windows 10 windows 7 windows 8.1
    • Replies: 0
    • Forum: Live RSS Feeds

  7. HTTP Strict Transport Security comes to Internet Explorer 11 on Windows 8.1 and Windows 7

    In February, we Link Removed the first preview of HTTP Strict Transport Security in Internet Explorer 11 in the Windows 10 Insider Preview. The HTTP Strict Transport Security (HSTS) policy protects against variants of man-in-the-middle attacks that can strip TLS out of communications with a...
    • News
    • Thread
    • browser security hsts http https internet explorer man-in-the-middle microsoft edge mixed content network security preload list redirect security fixes security updates strict transport security tls web development windows 10 windows 7 windows 8.1
    • Replies: 0
    • Forum: Live RSS Feeds

  8. June 2015 Website Updates and Changes

    Good evening! June is upon us, and with no shortage of news or updates regarding WindowsForum.com As of the 1st of June: We have worked throughout most of the day to connect with Network Solutions, CloudFlare, ICANN, Google, and a number of other online institutions to resolve a problem that...
    • Mike
    • Thread
    • 2015 amazon app updates apple binaries cloudflare encryption google http2 icann microsoft mvp mobile apps network solutions rating system ssl technical issues tls user contributions website updates windows forum
    • Replies: 2
    • Forum: Forum Announcements

  9. MS15-055 - Important: Vulnerability in Schannel Could Allow Information Disclosure...

    Severity Rating: Important Revision Note: V1.0 (May 12, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when Secure Channel (Schannel) allows the use of a weak Diffie-Hellman ephemeral...
    • News
    • Thread
    • attack bit length bulletin configuration dhe diffie-hellman encryption information disclosure key exchange key length microsoft revision note schannel security server severity rating tls update vulnerability windows
    • Replies: 0
    • Forum: Security Alerts

  10. TA15-120A: Securing End-to-End Communications

    Original release date: April 30, 2015 Systems Affected Networked systems Overview Securing end-to-end communications plays an important role in protecting privacy and preventing some forms of man-in-the-middle (MITM) attacks. Recently, researchers described a MITM attack used to inject...
    • News
    • Thread
    • authentication browser security certificate certificate pinning communication cyberattack dane data security digital certificates encryption mitm attack network notary network security privacy ssl systems affected threat mitigation tls vulnerability web security
    • Replies: 0
    • Forum: Security Alerts

  11. SHA512 is disabled in Windows when you use TLS 1.2

    Link Removed
    • News
    • Thread
    • configuration encryption protocol security sha512 tls update windows
    • Replies: 0
    • Forum: Knowledge Base (KB)

  12. Microsoft confirms FREAK vulnerability affects Windows as well

    Ref: http://www.winbeta.org/news/microsoft-confirms-freak-vulnerability-affects-windows-well If you pop onto the site above it will check whether your browser is vulnerable to attack. Apparently the latest Chrome is fine as is IE (version 11.0.9800.0. the one that comes with win 10 build 9926)
    • kemical
    • Thread
    • attack browser build chrome cipher client systems encryption exploit freak internet explorer microsoft rsa schannel security ssl tls update version vulnerability windows
    • Replies: 0
    • Forum: Windows Security

  13. Security Advisory 3046015 released

    Today, we released Link Removed to provide guidance to customers in response to the SSL/TLS issue referred to by researchers as “FREAK” (Factoring attack on RSA-EXPORT Keys). Our investigation continues and we’ll take the necessary steps to protect our customers. MSRC Team Continue reading...
    • News
    • Thread
    • advisory freak msrc protection research rsa security ssl tls vulnerability
    • Replies: 0
    • Forum: Security Alerts

  14. 3046015 - Vulnerability in Schannel Could Allow Security Feature Bypass - Version: 1.1

    Severity Rating: Important Revision Note: V1.1 (March 5, 2015): Advisory revised to clarify the reason why no workaround exists for systems running Windows Server 2003. See the Advisory FAQ for more information. Summary: Microsoft is aware of a security feature bypass vulnerability in Secure...
    • News
    • Thread
    • advisory attack best practices cipher downgrade freak important microsoft mitm schannel security server ssl tls vulnerability windows
    • Replies: 0
    • Forum: Security Alerts

  15. Secure Channel cumulative update changes TLS protocol renegotiation and fallback behavior

    Link Removed
    • News
    • Thread
    • cumulative update fallback behavior renegotiation secure channel tls
    • Replies: 0
    • Forum: Knowledge Base (KB)

  16. TA14-318A: Microsoft Secure Channel (Schannel) Vulnerability (CVE-2014-6321)

    Original release date: November 14, 2014 Systems Affected Microsoft Windows Vista, 7, 8, 8.1, RT, and RT 8.1 Microsoft Server 2003, Server 2008, Server 2008 R2, Server 2012, and Server 2012 R2 Microsoft Windows XP and 2000 may also be affected. Overview A critical vulnerability in...
    • News
    • Thread
    • arbitrary code bulletin critical cve-2014-6321 exploit impact microsoft mitigation network traffic patch management remote attack risk schannel security server ssl tls update vulnerability windows
    • Replies: 0
    • Forum: Security Alerts

  17. TA14-290A: SSL 3.0 Protocol Vulnerability and POODLE Attack

    Original release date: October 17, 2014 Systems Affected All systems and applications utilizing the Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable. However, the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack demonstrates this...
    • News
    • Thread
    • browser cipher ciphertext data breach downgrade attack encryption exploitation legacy systems mitm network security openssl poodle protocol risk assessment security sensitive data ssl 3.0 tls transport layer security vulnerability
    • Replies: 0
    • Forum: Security Alerts

  18. 2977292 - Update for Microsoft EAP Implementation that Enables the Use of TLS - Version: 1.0

    Revision Note: V1.0 (October 14, 2014): Advisory published. Summary: Microsoft is announcing the availability of an update for supported editions of Windows 7, Windows Server 2008 R2, Windows 8, Windows 8.1, Windows Server 2012, and Windows RT for the Microsoft Extensible Authentication Protocol...
    • News
    • Thread
    • eap microsoft registry security tls update windows 7 windows 8 windows 8.1 windows server
    • Replies: 0
    • Forum: Security Alerts

  19. 2977292 - Update for Microsoft EAP Implementation that Enables the Use of TLS - Version: 1.0

    Revision Note: V1.0 (October 14, 2014): Advisory published. Summary: Microsoft is announcing the availability of an update for supported editions of Windows 7, Windows Server 2008 R2, Windows 8, Windows 8.1, Windows Server 2012, and Windows RT for the Microsoft Extensible Authentication Protocol...
    • News
    • Thread
    • eap microsoft patch security tls update windows 7 windows 8 windows 8.1 windows server
    • Replies: 0
    • Forum: Security Alerts

  20. Update for Disabling RC4 in .NET TLS - Version: 1.0

    Revision Note: V1.0 (May 13, 2014): Advisory published. Summary: Microsoft is announcing the availability of an update for Microsoft .NET Framework that disables RC4 in Transport Layer Security (TLS) through the modification of the system registry. Use of RC4 in TLS could allow an attacker to...
    • News
    • Thread
    • advisory encryption man-in-the-middle microsoft net framework plain text rc4 registry security tls update
    • Replies: 0
    • Forum: Security Alerts