Internet Explorer-hosted applications that have managed controls and No Touch deployment may not work correctly after you install security update 2960358

Symptoms

After you install the update that corresponds to Microsoft Security Advisory 2960358 for the .NET Framework, Internet Explorer hosted applications that have managed controls and No-Touch deployment applications may not start correctly. This behavior may only occur on Internet Explorer 9, and not on Internet Explorer 10 or Internet Explorer 11. 

Cause

Microsoft Security Advisory 2960358 for the .NET Framework disables the RC4 cipher in Transport Layer Security (TLS), and updates the default from TLS 1.0 to the more secure TLS1.2 protocol. Installing the security update in some cases may result in a failure to establish a connection in order to prevent an attacker to perform man-in-the-middle attacks and recover plaintext from encrypted sessions.

Workaround


As recommended in Security Advisory 2960358, customers should test this update for disabling RC4 before implementation in their environments. Although most applications will not be affected by this change, if an Internet Explorer-hosted managed application no longer works correctly, consider the following options:

  • Move away from No-Touch and use ClickOnce where applicable.

  • Disable RC4 on the computer. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:

    245030 How to restrict the use of certain cryptographic algorithms and protocols in Schannel.dll

    The registry key setting can be found here:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 <suite>

    "Enabled"=dword:0

Affected products

The information in this article applies to:


  • Microsoft .NET Framework 2.0 SP2

  • Microsoft .NET Framework 3.5

  • Microsoft .NET Framework 3.5.1

  • Microsoft .NET Framework 4

  • Microsoft .NET Framework 4.5

  • Microsoft .NET Framework 4.5.1

  • Microsoft .NET Framework 4.5.2

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.

×