Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft Updates MS14-066

Published: 2014-11-16
Last Updated: 2014-11-16 20:51:11 UTC
by Johannes Ullrich (Version: 1)
8 comment(s)

Microsoft updated MS14-066 to warn users about some problems caused by the additional ciphers added with the update [1]. It appears that clients who may not support these ciphers may fail to connect at all. The "quick fix" is to remove the ciphers by editing the respective registry entry (see the KB article link below for more details).

One user reported to us performance issues when connecting from MSFT Access to SQL Server, which are related to these ciphers.

Sadly, MS14-066 hasn't been Microsoft's best vulnerability announcement. The initial bulletin omitted important details (like the impact of the certificate bypass vulnerability). So far, a total of 3 vulnerabilities are being discussed in conjunction with MS14-066, while the bulletin only lists one CVE number. How the bug was disclosed has also caused confusion, with some Microsoft publications listing external discovery (but private disclosure) and others indicating internal disclosure. 

[1] https://support.microsoft.com/kb/2992611 

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

Keywords:
8 comment(s)
Diary Archives