Tls cbc mode information leakage Vulnerability (MS12-049)

Release date:
Updated on:

Affected Systems:
Microsoft Windows 7
Microsoft Windows
Microsoft Windows XP Professional
Microsoft Windows XP Home Edition
Microsoft Windows Vista
Microsoft Windows Storage Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Enterprise Editi
Microsoft Windows Server 2003 Datacenter Editi
Description:
--------------------------------------------------------------------------------
Bugtraq id: 54304
Cve id: CVE-2012-1870

TLS is a secure transport layer protocol used to provide confidentiality and data integrity between two communication applications.

The TLS encryption protocol has a security vulnerability that affects the protocol itself. In CBC mode, there is a design error in using the TLS protocol in combination with a symmetric password, which mainly affects HTTPS traffic, can cause decryption of encrypted TLS traffic.

<* Source: Microsoft

Link: http://secunia.com/advisories/49874/
Http://www.microsoft.com/technet/security/bulletin/MS12-049.asp
*>

Suggestion:
--------------------------------------------------------------------------------
Temporary solution:

If you cannot install or upgrade the patch immediately, NSFOCUS recommends that you take the following measures to reduce the threat:

* Optimize the RC4 algorithm in the Server software on Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.

Vendor patch:

Microsoft
---------
Microsoft has released a Security Bulletin (MS12-049) and patches for this:

MS12-049: Vulnerability in TLS cocould Allow Information Disclosure (2655992)

Link: http://www.microsoft.com/technet/security/bulletin/MS12-049.asp