
SSL/TLS Security Feature Bypass Vulnerability Reported in Microsoft Windows


Microsoft Security Bulletin MS13-006 (CVE-2013-0013)

Summary


A vulnerability in the way Windows handles SSL/TLS session version negotiation could allow an attacker to downgrade an SSL/TLS connection to SSL version 2, which supports weak encryption ciphers. The Check Point IPS Software Blade protects systems against this issue at the network level by blocking attempts to exploit it.

Details


The vulnerability is due to an error in the way Windows handles SSL/TLS session version negotiation. A remote attacker can exploit this issue by injecting specially crafted traffic into an SSL version 3 or TLS browsing session between Internet Explorer and a third-party server or a third-party client. Successful exploitation can allow the attacker to downgrade an SSL version 3 or TLS connection to SSL version 2, which supports weak encryption ciphers.

Affected Products


Please see CPAI-2013-004 for a list of the affected versions of Windows.

Solution

The security update described in MS13-006 should be deployed as soon as is practical. The Check Point IPS Software Blade protects unpatched systems in the latest IPS update by detecting and blocking attempts to inject malformed traffic into an SSL version 3 or TLS browsing session. For more information, see CPAI-2013-004.
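The Details and Solution sections above describe the downgrade in terms of the handshake: the attacker's goal is for a session that started as SSL 3.0 or TLS to end up negotiated at SSL 2.0. The following example, added here and not part of the Check Point advisory or of Microsoft's update, shows the kind of check a network monitor or IPS rule implements to spot that outcome: it classifies the first handshake record of each direction by its on-the-wire format (the two-byte SSLv2 record header versus the five-byte SSLv3/TLS record header), extracts the protocol version each side states, and flags a session in which the client offered TLS but the server's hello settles on a version below TLS 1.0. The handshake records are constructed inline for illustration; the field layouts follow the SSL 2.0 and SSL 3.0/TLS specifications.

```python
"""Classify SSL/TLS hello records and flag version downgrades (added example)."""

# Protocol versions as (major, minor) pairs: SSL 2.0 = (0, 2), SSL 3.0 = (3, 0),
# TLS 1.0 = (3, 1). Anything below TLS 1.0 is treated as legacy here.
MIN_SAFE_VERSION = (3, 1)

SSLV2_CLIENT_HELLO_TYPE = 0x01
SSLV2_SERVER_HELLO_TYPE = 0x04
TLS_HANDSHAKE_CONTENT_TYPE = 0x16
TLS_MESSAGE_NAMES = {0x01: "client_hello", 0x02: "server_hello"}


def classify_hello(record: bytes) -> dict:
    """Return format, message name, stated version and a legacy flag for one record.

    SSLv2 records: 2-byte header with the high bit of byte 0 set, then the
    message type. A CLIENT-HELLO carries its version at bytes 3..4; a
    SERVER-HELLO carries session-id-hit and certificate-type first, so its
    version sits at bytes 5..6.
    SSLv3/TLS records: content type (0x16 = handshake), 2-byte record version,
    2-byte length, then the handshake message whose own version field is at
    body offset 4..5 for both ClientHello and ServerHello.
    """
    if len(record) < 7:
        raise ValueError("record too short to be an SSL/TLS hello")

    if record[0] & 0x80:
        msg_type = record[2]
        if msg_type == SSLV2_CLIENT_HELLO_TYPE:
            version = (record[3], record[4])
            name = "client_hello"
        elif msg_type == SSLV2_SERVER_HELLO_TYPE:
            version = (record[5], record[6])
            name = "server_hello"
        else:
            raise ValueError("unknown SSLv2 message type %#x" % msg_type)
        # Any SSLv2-format record can negotiate SSLv2 cipher specs, so it is
        # reported as legacy regardless of the version value it carries.
        return {"format": "sslv2", "message": name, "version": version, "legacy": True}

    if record[0] == TLS_HANDSHAKE_CONTENT_TYPE:
        length = int.from_bytes(record[3:5], "big")
        body = record[5:5 + length]
        if len(body) < 6:
            raise ValueError("truncated handshake message")
        name = TLS_MESSAGE_NAMES.get(body[0], "other")
        version = (body[4], body[5])
        return {"format": "tls", "message": name, "version": version,
                "legacy": version < MIN_SAFE_VERSION}

    raise ValueError("not an SSL/TLS handshake record")


def is_downgrade(client_record: bytes, server_record: bytes) -> bool:
    """True when the client offered at least TLS 1.0 but the server's hello
    settles the session on a legacy version (SSL 2.0 or SSL 3.0)."""
    client = classify_hello(client_record)
    server = classify_hello(server_record)
    client_offered_modern = client["format"] == "tls" and not client["legacy"]
    return client_offered_modern and server["legacy"]


# Constructed sample records (only the bytes the classifier reads are meaningful).
# SSLv2 CLIENT-HELLO: header 0x80 0x2e (length 46), type 0x01, version 0x0002.
SSLV2_CLIENT_HELLO = bytes([0x80, 0x2E, 0x01, 0x00, 0x02, 0x00, 0x06])
# SSLv2 SERVER-HELLO: type 0x04, session-id-hit 0, cert-type 1, version 0x0002.
SSLV2_SERVER_HELLO = bytes([0x80, 0x20, 0x04, 0x00, 0x01, 0x00, 0x02])
# TLS 1.0 record carrying a ClientHello whose client_version is 0x0301.
TLS10_CLIENT_HELLO = bytes([0x16, 0x03, 0x01, 0x00, 0x06, 0x01, 0x00, 0x00, 0x02, 0x03, 0x01])
# SSL 3.0 record carrying a ServerHello whose server_version is 0x0300.
SSL30_SERVER_HELLO = bytes([0x16, 0x03, 0x00, 0x00, 0x06, 0x02, 0x00, 0x00, 0x02, 0x03, 0x00])
# TLS 1.0 ServerHello, the expected reply to TLS10_CLIENT_HELLO.
TLS10_SERVER_HELLO = bytes([0x16, 0x03, 0x01, 0x00, 0x06, 0x02, 0x00, 0x00, 0x02, 0x03, 0x01])


if __name__ == "__main__":
    for label, rec in [("sslv2 client", SSLV2_CLIENT_HELLO), ("tls client", TLS10_CLIENT_HELLO),
                       ("ssl3 server", SSL30_SERVER_HELLO)]:
        print(label, classify_hello(rec))
    print("downgrade to SSLv2:", is_downgrade(TLS10_CLIENT_HELLO, SSLV2_SERVER_HELLO))
    print("downgrade to SSLv3:", is_downgrade(TLS10_CLIENT_HELLO, SSL30_SERVER_HELLO))
    print("normal TLS 1.0:", is_downgrade(TLS10_CLIENT_HELLO, TLS10_SERVER_HELLO))
```

The check keys on what each side states in its hello rather than on the record header version alone, because a TLS client's ClientHello is routinely sent inside a record whose header carries a lower version for compatibility; the message body's version is what the peer acts on. A session whose client hello is already in SSLv2 format is reported as legacy on its own, since such a client can be steered to SSLv2 cipher specs without any later downgrade.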


Originally Published:

Last Updated: 09-Jan-2013
