1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

MS15-055 - Important: Vulnerability in Schannel Could Allow Information Disclosure (3061518) -...

Discussion in 'Security Updates' started by Microsoft Security, May 12, 2015.

  1. Microsoft Security

    Microsoft Security Guest

    Severity Rating: Important
    Revision Note: V1.0 (May 12, 2015): Bulletin published.
    Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when Secure Channel (Schannel) allows the use of a weak Diffie-Hellman ephemeral (DFE) key length of 512 bits in an encrypted TLS session. Allowing 512-bit DHE keys makes DHE key exchanges weak and vulnerable to various attacks. A server needs to support 512-bit DHE key lengths for an attack to be successful; the minimum allowable DHE key length in default configurations of Windows servers is 1024 bits.

    View the full article
     
    Microsoft Security, May 12, 2015
    #1

Share This Page