Microsoft has identified a new problem affecting many Windows versions that could lead to occasional failure or timing of Transportation Layer Security (TLS) and Secure Sockets Layer (SSL) connections.
This bug is triggered by the CVE-2019-1318 TLS spoofing vulnerability related to security, which causes Windows devices to suffer from errors and timeouts during TLS DHE* cipher suite negotiations.
This occurs only when devices try to connect TLS to devices without the Extended Master Secret (EMS) extension support.
“Connections between two devices running any supported version of Windows should not have this issue when fully updated,” adds Microsoft.
The support article states that the following versions of Windows apply:
• Windows 10 Version 1607
• Windows Server 2016
• Windows 10
• Windows 8.1
• Windows Server 2012 R2
• Windows Server 2012
• Windows 7 Service Pack 1
• Windows Server 2008 R2 Service Pack 1
• Windows Server 2008 Service Pack 2
Windows Updates Originating
Many cumulative, security-only updates and monthly roll-ups published as part of Microsoft’s Patch Tuesday in October 2019 are known to trigger this issue on multiple platforms.
This is the list of all known updates that are allowed to trigger this:
• KB4519998 — LCU for Windows Server, version 1607 and Windows Server 2016.
• KB4520005 — Monthly Rollup for Windows 8.1 and Windows Server 2012 R2.
• KB4520007 — Monthly Rollup for Windows Server 2012.
• KB4519976 — Monthly Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1.
• KB4520002 — Monthly Rollup for Windows Server 2008 SP2
• KB4519990 — Security-only update for Windows 8.1 and Windows Server 2012 R2.
• KB4519985 — Security-only update for Windows Server 2012 and Windows Embedded 8 Standard.
• KB4520003 — Security-only update for Windows 7 SP1 and Windows Server 2008 R2 SP1
• KB4520009 — Security-only update for Windows Server 2008 SP2
Two solutions for mitigating intermittent timeouts and failures experienced by some Windows users are provided by Microsoft:
1. Enable support for Extend Master Secret (EMS) extensions when performing TLS connections on both the client and the server operating system.
– EMS as defined in RFC 7627, was added to supported versions of Windows in the calendar year of 2015. Any update released on or after October 8, 2019, will have EMS enabled by default for CVE-2019-1318.
2. For operating systems that do not support EMS, remove the TLS_DHE_* cipher suites from the cipher suite list in the OS of the TLS client device
– For instructions on how to do this on Windows, see Prioritizing Schannel Cipher Suites.
While this may mitigate any TLS headaches caused by this bug, Microsoft says that EMS should not be deactivated as this TLS extension has been implemented to avoid midsize attacks.
The following registry key values on the server and user can be reactivated by Windows operators who previously disabled EMS:
HKLM\System\CurrentControlSet\Control\SecurityProviders\Schannel On TLS Server: DisableServerExtendedMasterSecret: 0 On TLS Client: DisableClientExtendedMasterSecret: 0