MS KB3155527: Update to Cipher Suites for FalseStart
Medium Nessus Plugin ID 91045
SynopsisThe remote Windows host is affected by a cipher downgrade vulnerability.
DescriptionThe remote Windows host is affected by a cipher downgrade vulnerability in FalseStart due to allowing TLS clients to send application data before receiving and verifying the server 'Finished' message. A man-in-the-middle attacker can exploit this to force a TLS client to encrypt the first flight of application_data records using an attacker's chosen cipher suite from the client's list.
SolutionMicrosoft has released a set of patches for Windows 2012, 8.1, 2012 R2, and 10.