tls

  1. TA14-098A: OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160)

    Original release date: April 08, 2014 Systems Affected OpenSSL 1.0.1 through 1.0.1f OpenSSL 1.0.2-beta Overview A vulnerability in OpenSSL could allow a remote attacker to expose sensitive data, possibly including user authentication credentials and secret keys, through incorrect memory...
    • News
    • Thread
    • administrator credentials cve-2014-0160 data exposed exploit heartbleed impact information disclosure key material memory mitigation openssl patch perfect forward secrecy public access revision security security flaw tls vulnerability
    • Replies: 0
    • Forum: Security Alerts

  2. Microsoft Security Advisory (977377): Vulnerability in TLS/SSL Could Allow Spoofing - Version:...

    Revision Note: V2.0 (August 10, 2010): Advisory updated to reflect publication of security bulletin. Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-049 to address this issue. For more information about this issue, including...
    • News
    • Thread
    • advisory cve knowledge base microsoft security spoofing ssl tls update vulnerability
    • Replies: 0
    • Forum: Security Alerts

  3. MS12-049 - Important : Vulnerability in TLS Could Allow Information Disclosure (2655992) -...

    Severity Rating: Important Revision Note: V1.1 (July 9, 2013): Bulletin revised to announce a detection change in the Windows Vista packages for the 2655992 update to correct a Windows Update reoffering issue. This is a detection change only. Customers who have already successfully updated their...
    • News
    • Thread
    • cipher suites cryptography information disclosure security threat mitigation tls update vulnerability windows vista
    • Replies: 0
    • Forum: Security Alerts

  4. MS13-006 - Important : Vulnerability in Microsoft Windows Could Allow Security Feature Bypass...

    Severity Rating: Important Revision Note: V1.2 (July 9, 2013): Bulletin revised to announce a detection change in the Windows Vista packages for the 2785220 update to correct a Windows Update reoffering issue. This is a detection change only. Customers who have already successfully updated their...
    • News
    • Thread
    • detection handshake ms13-006 security ssl tls update vulnerability windows windows update
    • Replies: 0
    • Forum: Security Alerts

  5. MS13-006 - Important : Vulnerability in Microsoft Windows Could Allow Security Feature Bypass...

    Severity Rating: Important Revision Note: V1.2 (July 9, 2013): Bulletin revised to announce a detection change in the Windows Vista packages for the 2785220 update to correct a Windows Update reoffering issue. This is a detection change only. Customers who have already successfully updated their...
    • News
    • Thread
    • attacker bulletin cybersecurity detection change encryption handshake important microsoft patch privately reported reoffering security ssl tls update vulnerability web traffic windows windows vista
    • Replies: 0
    • Forum: Security Alerts

  6. MS12-049 - Important : Vulnerability in TLS Could Allow Information Disclosure (2655992) -...

    Severity Rating: Important Revision Note: V1.1 (July 9, 2013): Bulletin revised to announce a detection change in the Windows Vista packages for the 2655992 update to correct a Windows Update reoffering issue. This is a detection change only. Customers who have already successfully updated their...
    • News
    • Thread
    • cipher suites information disclosure ms12-045 security severity rating tls update vulnerability web traffic windows vista
    • Replies: 0
    • Forum: Security Alerts

  7. Certificate validation fails when a certificate has multiple trusted certification paths to root CAs

    Link Removed
    • News
    • Thread
    • cas certificate certification pki root cas security ssl tls validation
    • Replies: 0
    • Forum: Knowledge Base (KB)

  8. MS13-006 - Important : Vulnerability in Microsoft Windows Could Allow Security Feature Bypass (27852

    Severity Rating: Important Revision Note: V1.0 (January 8, 2013): Bulletin published. Summary: This security update resolves a privately reported vulnerability in the implementation of SSL and TLS in Microsoft Windows. The vulnerability could allow security feature bypass...
    • News
    • Thread
    • attack bypass encryption microsoft security ssl tls update vulnerability windows
    • Replies: 0
    • Forum: Security Alerts

  9. Microsoft Security Advisory (2661254): Update For Minimum Certificate Key Length - Version: 1.2

    Revision Note: V1.2 (September 11, 2012): Clarified that applications and services that use RSA keys for cryptography and call into the CertGetCertificateChain function could be impacted by this update. Examples of these applications and services include but are not limited to encrypted email...
    • News
    • Thread
    • advisory application attack certificate cryptography encryption fraud key length microsoft phishing pki security revision note rsa keys security services spoofing ssl tls update windows
    • Replies: 0
    • Forum: Security Alerts

  10. Implementing PEAP-MS-CHAP v2 authentication for Microsoft PPTP VPNs

    Provides recommendations for organizations that use MS-CHAP v2/PPTP to implement the Protected Extensible Authentication Protocol (PEAP) in their networks. This mitigates known attacks by encapsulating the MS-CHAP v2 authentication traffic in TLS. More...
    • News
    • Thread
    • authentication encapsulation mitigation mschapv2 network security peap pptp recommendations tls vpn
    • Replies: 0
    • Forum: Knowledge Base (KB)

  11. MS12-049: Vulnerability in TLS could allow information disclosure: July 10, 2012

    Resolves a vulnerability in TLS that could allow information disclosure if an attacker intercepts encrypted web traffic served from an affected system. All cipher suites that do not use CBC mode are not affected. More...
    • News
    • Thread
    • cbc mode cipher suites encryption information disclosure microsoft support ms12-045 security tls vulnerability web traffic
    • Replies: 0
    • Forum: Knowledge Base (KB)

  12. MS12-049 - Important : Vulnerability in TLS Could Allow Information Disclosure (2655992) - Version:

    Severity Rating: Important Revision Note: V1.0 (July 10, 2012): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in TLS. The vulnerability could allow information disclosure if an attacker intercepts encrypted web traffic served...
    • News
    • Thread
    • attack bulletin cbc cipher encryption important information information disclosure interception microsoft security tls traffic update vulnerability web
    • Replies: 0
    • Forum: Security Alerts

  13. MS12-006 - Important : Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584) - Versi

    Severity Rating: Important Revision Note: V1.1 (January 18, 2012): Added MS10-085 as a bulletin replaced by the KB2585542 update for Windows 7 for 32-bit Systems, Windows 7 for x64-based Systems, Windows Server 2008 R2 for x64-based Systems, and Windows Server 2008 R2 for...
    • News
    • Thread
    • bulletin cipher suites encryption information disclosure kb2585542 microsoft ms12-006 patch revision security severity rating ssl status systems affected tls update vulnerability web traffic windows 7
    • Replies: 0
    • Forum: Security Alerts

  14. WSD does not support TLS1.1 and TLS 1.2

    Consider the following scenario: - You are using a WSD (Web Services on Devices) device which supports TLS1.1 or TLS 1.2 - You are trying to connect to the WSD device. In this scenario, you cannot connect to the device by TLS1.1 or TLS 1.2. Depending on... Link Removed
    • News
    • Thread
    • compatibility connection devices error network protocol security tls web services wsd
    • Replies: 0
    • Forum: Knowledge Base (KB)

  15. MS12-006 - Important : Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584) - Versi

    Severity Rating: Important Revision Note: V1.0 (January 10, 2012): Bulletin published. Summary: This security update resolves a publicly disclosed vulnerability in SSL 3.0 and TLS 1.0. This vulnerability affects the protocol itself and is not specific to the Windows...
    • News
    • Thread
    • attack vector cipher suites encrypted traffic extended security updates information disclosure ms12-006 publicly disclosed ssl tls vulnerability
    • Replies: 0
    • Forum: Security Alerts

  16. An application or service that calls the InitializeSecurityContext function together with the ISC_RE

    Fixes a problem in Windows 2008 R2 in which any application or service that calls the InitializeSecurityContext function together with the ISC_REQ_EXTENDED_ERROR flag may encounter TLS negotiation failure. Link Removed
    • News
    • Thread
    • application error initializesecuritycontext negotiations security services tls windows 2008
    • Replies: 0
    • Forum: Knowledge Base (KB)

  17. Microsoft Security Advisory (2588513): Vulnerability in SSL/TLS Could Allow Information Disclosure -

    Revision Note: V1.0 (September 26, 2011): Advisory published. Summary: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0 and TLS 1.0, affecting the Windows operating system. This vulnerability affects the...
    • News
    • Thread
    • advisory encryption https information disclosure microsoft protocol risk security ssl tls traffic vulnerability windows
    • Replies: 0
    • Forum: Security Alerts

  18. Microsoft releases Security Advisory 2588513

    Hello. Today we released Security Advisory 2588513, addressing an information-disclosure issue in SSL (Secure Sockets Layer) 3.0 and TLS (Transport Layer Security) 1.0 to provide guidance for customers. This is an industry-wide issue with limited impact that affects the Internet ecosystem as a...
    • News
    • Thread
    • advisory attack bandwidth browser communication computing exploitation guidance https information internet mitigation protocol risk security ssl threats tls update vulnerability
    • Replies: 0
    • Forum: Security Alerts

  19. Microsoft Security Advisory: Vulnerability in SSL/TLS could allow information disclosure

    Provides a link to Microsoft Security Advisory (2588513): Vulnerability in SSL/TLS could allow information disclosure. More...
    • News
    • Thread
    • advisory information information disclosure microsoft network security ssl tls update vulnerability
    • Replies: 0
    • Forum: Knowledge Base (KB)

  20. Microsoft Security Advisory (2588513): Vulnerability in SSL/TLS Could Allow Information Disclosure -

    Revision Note: V1.0 (September 26, 2011): Advisory published. Summary: Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0 and TLS 1.0, affecting the Windows operating system. This vulnerability affects the...
    • News
    • Thread
    • advisory attack vector cybersecurity decryption https information disclosure microsoft operating system protocol risk assessment security ssl tls vulnerability web traffic windows
    • Replies: 0
    • Forum: Security Alerts