MS15-055: Vulnerability in Schannel could allow information disclosure: May 12, 2015

Windows Server 2012 R2 DatacenterWindows Server 2012 R2 StandardWindows Server 2012 R2 Essentials

Summary


This security update resolves a vulnerability in Windows. The vulnerability could allow information disclosure when Secure Channel (Schannel) allows the use of a weak Diffie-Hellman ephemeral (DHE) key length of 512 bits in an encrypted Transport Layer Security (TLS) session. Allowing 512-bit DHE keys makes DHE key exchanges weak and vulnerable to various attacks. For an attack to be successful, a server has to support 512-bit DHE key lengths. Windows TLS servers send a default DHE key length of 1,024 bits.

Introduction


Microsoft has released security bulletin MS15-055. To learn more about this security bulletin:

How to obtain help and support for this security update

Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your Windows-based computer from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

More Information


Known issues with this security update

  • This security update supersedes security update 3050514 in MS15-052. We are releasing these two updates at the same time. Customers who intend to install both updates manually on Windows 8 or Windows Server 2012 should install 3050514 in MS15-052 before they install 3061518 in MS15-055. This is taken care of automatically for customers who have automatic updating enabled.



  • After you install this security update, the minimum allowed DHE key length on client computers is changed to 1,024 bits by default, instead of the previous minimum allowed key length of 512 bits.

    If you want to revert to using a 512-bit key length, you must set the ClientMinKeyBitLength registry DWord value to 00000200.

    ImportantThis section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
    322756 How to back up and restore the registry in Windows


    The ClientMinKeyBitLength DWord registry entry enables you to set the minimum DHE group size in bits that the client will accept from the server. In the following example, a 512-bit group size is accepted. By default, without the ClientMinKeyBitLength DWord registry entry present, Schannel uses a 1,024-bit minimum group size on the client.

    To edit this registry entry, follow these steps:
    1. Click Start, click Run, type regedit in the Open box, and then click OK.
    2. Locate and then click the following subkey in the registry:
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman
    3. On the Edit menu, point to New, and then click DWORD Value.
    4. Type ClientMinKeyBitLength for the name of the DWORD, and then press Enter.
    5. Right-click ClientMinKeyBitLength, and then click Modify.
    6. In the Value data box, type 00000200, and then click OK.
    7. Exit Registry Editor, and then restart the computer.

File information


The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.