MS KB3109853: Update to Improve TLS Session Resumption Interoperability
Info Nessus Plugin ID 87876
SynopsisThe remote Windows host is missing an update to the TLS implementation in SChannel.
DescriptionThe remote Windows host is missing an update to the Transport Layer Security (TLS) protocol implementation in SChannel. The update improves the interoperability between Schannel-based TLS clients and 3rd-party TLS servers that enable RFC5077-based resumption and that send the NewSessionTicket message in the abbreviated TLS handshake.
This update also addresses an issue in schannel.dll that could cause an RFC5077 session ticket-based resumption to fail, subsequently causing WinInet-based clients to perform a fallback to a lower TLS protocol version than what would have been otherwise negotiated.
SolutionMicrosoft has released a set of patches for Windows 8, RT, 2012, 8.1, RT 8.1, 2012 R2, and 10.