Microsoft moves to patch this potentially serious security flaw

By Scott Marlette Last updated Oct 19, 2022

Microsoft has fixed a bug plaguing multiple versions of Windows and Windows Server that’s triggering SSL/TLS handshake failures.

Those experiencing the flaw see a SEC_E_ILLEGAL_MESSAGE notification pop up in applications that try to connect to servers.

“We address an issue that might affect some types of Secure Sockets Layer (SSL) and Transport Layer Security (TLS (opens in new tab)) connections. These connections might have handshake failures,” Microsoft said in an announcement (opens in new tab).

Multiple versions affected

The affected versions include Windows 11 (opens in new tab) 22H2; Windows 11 21H2; Windows 10 21H2; Windows 10 21H1; Windows 10 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; and Windows 7 SP1.

For servers, affected versions include Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; and Windows Server 2008 R2 SP1.

This is an out-of-band update, meaning it won’t be automatically deployed via Windows Update, Windows Update for Business, or Windows Server Update Services (WSUS).

Instead, users interested in picking the update up need to head over to the Microsoft Update Catalog (opens in new tab) and manually add them either into the Microsoft Endpoint Configuration Manager, or Windows Server Update Services (WSUS).

Microsoft is no stranger to out-of-band updates. Last time we had such an update was in May 2022, when the company fixed a problem that prevented applications downloaded from the Windows Store from properly running on endpoints.

However, BleepingComputer (opens in new tab) discovered that after installing the patch, the Cluster Service might fail to start. In this case, this happens because an update to the PnP class drivers used by the service removed a Cluster Network Driver.

The fix is still in the works for Windows 10 2016 LTSB, Windows Server 2016, and Windows 10 2015 LTSB.

For all the latest Technology News Click Here

For the latest news and updates, follow us on Google News.

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.