Update rollup for POODLE attack against TLS security vulnerability in Windows Embedded CE 6.0 R3 (December 2015)

Issues that are fixed in this update
An update rollup is available for Windows Embedded CE 6.0 R3. This update rollup fixes the security issues that are described in the following article in the Microsoft Knowledge Base:
  • 2655992 MS12-049: Vulnerability in TLS could allow information disclosure: July 10, 2012

Additionally, this update rollup fixes the following issue:
  • Assume that you have a Windows Embedded CE 6.0 R3 device with web server support. When you use SSL test Labs tool to test security vulnerability, the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack against TLS security vulnerability is detected.

Resolution

Software update information

A supported software update is now available from Microsoft as Windows Embedded CE 6.0 Monthly Update December 2015. In the "Installer files" subsection of the "File information" section, the package file name contains the product version, the date, the Microsoft Knowledge Base article number, and the processor type. The package file name format is as follows:
Product version-yymmdd-kbnnnnnn-processor type
For example, Wincepb60-110128-kb2492159-armv4i.msi is the ARMV4i Windows Embedded CE 6.0 Platform Builder fix that is documented in Knowledge Base article 2492159 and that is contained in the January 2011 monthly update.

Note This Windows Embedded CE 6.0 monthly update is available for download from the following Microsoft Download Center website:

Prerequisites

This update is supported only if all previous updates for this product are installed.

Registry information

Important Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, back up the registry for restoration in case problems occur.

After you apply this update, to be safe from POODLE SSL 3.0 attacks, you have to disable the SSL 3.0 protocol as it's a protocol wide vulnerability and not specific to Microsoft specific implementation.

  • If the device is acting as a client, SSL 3.0 can be disabled as follows:
    1. In Internet Explorer Options, clear the Use SSL 3.0 check box on the Advanced tab. Then, exit and restart Internet Explorer for this change to take effect.
    2. Set the following registry settings on the client:
      Registry location: HKEY_LOCAL_MACHINE\Comm\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\ClientDWORD name: EnabledDWORD value: 0
  • If the device is acting as a server, SSL 3.0 can be disabled by setting the following registry key on the server:
    Registry location: HKEY_LOCAL_MACHINE\Comm\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\ServerDWORD name: EnabledDWORD value: 0

Restart requirement

After you apply this update, you must perform a clean build of the whole platform. To do this, use one of the following methods:
  • On the Build menu, click Clean Solution, and then click Build Solution.
  • On the Build menu, click Rebuild Solution.
You don't have to restart the computer after you apply this software update.

Update replacement information

This update doesn't replace any other updates.

File information

The English version of this update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

File nameFile sizeDateTimePath
Windows embedded ce 6.0 r3_update_kb3032322.htm7,67511-Jan-201610:03151231_kb3032322
Schnlc.lib229,69205-Jan-201618:01Public\Common\Oak\Lib\Mipsii\Retail
Spbase.lib807,20805-Jan-201618:01Public\Common\Oak\Lib\Mipsii\Retail
Schnlc.lib283,10205-Jan-201618:10Public\Common\Oak\Lib\Mipsii\Debug
Spbase.lib1,093,97605-Jan-201618:10Public\Common\Oak\Lib\Mipsii\Debug
Schnlc.lib241,23605-Jan-201617:41Public\Common\Oak\Lib\Armv4i\Retail
Spbase.lib821,15405-Jan-201617:41Public\Common\Oak\Lib\Armv4i\Retail
Schnlc.lib295,94205-Jan-201617:51Public\Common\Oak\Lib\Armv4i\Debug
Spbase.lib1,116,94205-Jan-201617:51Public\Common\Oak\Lib\Armv4i\Debug
Schnlc.lib229,67205-Jan-201617:23Public\Common\Oak\Lib\X86\Retail
Spbase.lib796,33605-Jan-201617:23Public\Common\Oak\Lib\X86\Retail
Schnlc.lib264,69805-Jan-201617:31Public\Common\Oak\Lib\X86\Debug
Spbase.lib980,76605-Jan-201617:31Public\Common\Oak\Lib\X86\Debug
Schnlc.lib215,96805-Jan-201619:18Public\Common\Oak\Lib\Sh4\Retail
Spbase.lib759,40205-Jan-201619:18Public\Common\Oak\Lib\Sh4\Retail
Schnlc.lib254,74205-Jan-201619:28Public\Common\Oak\Lib\Sh4\Debug
Spbase.lib950,15605-Jan-201619:28Public\Common\Oak\Lib\Sh4\Debug
Schnlc.lib229,78205-Jan-201618:20Public\Common\Oak\Lib\Mipsii_fp\Retail
Spbase.lib807,56205-Jan-201618:20Public\Common\Oak\Lib\Mipsii_fp\Retail
Schnlc.lib283,15005-Jan-201618:29Public\Common\Oak\Lib\Mipsii_fp\Debug
Spbase.lib1,094,20005-Jan-201618:29Public\Common\Oak\Lib\Mipsii_fp\Debug
Schnlc.lib233,15405-Jan-201618:59Public\Common\Oak\Lib\Mipsiv_fp\Retail
Spbase.lib823,71805-Jan-201618:59Public\Common\Oak\Lib\Mipsiv_fp\Retail
Schnlc.lib286,11205-Jan-201619:08Public\Common\Oak\Lib\Mipsiv_fp\Debug
Spbase.lib1,113,93405-Jan-201619:08Public\Common\Oak\Lib\Mipsiv_fp\Debug
Schnlc.lib233,06405-Jan-201618:40Public\Common\Oak\Lib\Mipsiv\Retail
Spbase.lib823,36405-Jan-201618:40Public\Common\Oak\Lib\Mipsiv\Retail
Schnlc.lib286,06405-Jan-201618:49Public\Common\Oak\Lib\Mipsiv\Debug
Spbase.lib1,113,71005-Jan-201618:49Public\Common\Oak\Lib\Mipsiv\Debug

Installer files
File nameFile sizeDateTime
Wincepb60-151231-kb3032322-armv4i.msi1,196,03211-Jan-201610:26
Wincepb60-151231-kb3032322-mipsii_fp.msi1,167,36011-Jan-201610:26
Wincepb60-151231-kb3032322-mipsii.msi1,167,36011-Jan-201610:26
Wincepb60-151231-kb3032322-x86.msi1,097,72811-Jan-201610:26
Wincepb60-151231-kb3032322-sh4.msi1,118,20811-Jan-201610:26
Wincepb60-151231-kb3032322-mipsiv_fp.msi1,179,64811-Jan-201610:26
Wincepb60-151231-kb3032322-mipsiv.msi1,179,64811-Jan-201610:26

References
Learn about the terminology that Microsoft uses to describe software updates.
Properties

Article ID: 3032322 - Last Review: 01/21/2016 00:21:00 - Revision: 1.0

Windows Embedded CE 6.0 R3

  • kbfix atdownload kbexpertiseadvanced kbsurveynew kbsecbulletin kbsecurity KB3032322
Feedback