MS12-049: Vulnerability in TLS Could Allow Information Disclosure (2655992)
Medium Nessus Plugin ID 59912
SynopsisThe remote Windows host has an information disclosure vulnerability.
DescriptionA design flaw in the CBC mode of operation on the TLS protocol can allow encrypted TLS traffic to be decrypted. This vulnerability could allow for the decryption of HTTPS traffic by an unauthorized third party.
SolutionMicrosoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, and 2008 R2.