Microsoft Security Bulletin MS15-031 - Important

Vulnerability in Schannel Could Allow Security Feature Bypass (3046049)

Published: March 10, 2015 | Updated: March 24, 2015

Version: 1.1

This security update resolves a vulnerability in Microsoft Windows that facilitates exploitation of the publicly disclosed FREAK technique, an industry-wide issue that is not specific to Windows operating systems. The vulnerability could allow a man-in-the-middle (MiTM) attacker to force the downgrading of the key length of an RSA key to EXPORT-grade length in a TLS connection. Any Windows system using Schannel to connect to a remote TLS server with an insecure cipher suite is affected.

This security update is rated Important for all supported releases of Microsoft Windows. For more information, see the Affected Software section.

The security update addresses the vulnerability by correcting the cipher suite enforcement policies that are used when server keys are exchanged between servers and client systems. For more information about the vulnerability, see the Vulnerability Information section.

This security update also addresses the vulnerability first described in Microsoft Security Advisory 3046015.

For more information about this update, see Microsoft Knowledge Base Article 3046049.

The following software versions or editions are affected. Versions or editions that are not listed are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, see Microsoft Support Lifecycle.

| Operating System | Maximum Security Impact | Aggregate Severity Rating | Updates Replaced |
|---|---|---|---|
| Windows Server 2003 | | | |
| Windows Server 2003 Service Pack 2 (3046049) | Security Feature Bypass | Important | 2992611 in MS14-066 |
| Windows Server 2003 x64 Edition Service Pack 2 (3046049) | Security Feature Bypass | Important | 2992611 in MS14-066 |
| Windows Server 2003 with SP2 for Itanium-based Systems (3046049) | Security Feature Bypass | Important | 2992611 in MS14-066 |
| Windows Vista | | | |
| Windows Vista Service Pack 2 (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows Vista x64 Edition Service Pack 2 (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows Server 2008 | | | |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows Server 2008 for Itanium-based Systems Service Pack 2 (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows 7 | | | |
| Windows 7 for 32-bit Systems Service Pack 1 (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows 7 for x64-based Systems Service Pack 1 (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows Server 2008 R2 | | | |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows 8 and Windows 8.1 | | | |
| Windows 8 for 32-bit Systems (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows 8 for x64-based Systems (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows 8.1 for 32-bit Systems (3046049) | Security Feature Bypass | Important | None |
| Windows 8.1 for x64-based Systems (3046049) | Security Feature Bypass | Important | None |
| Windows Server 2012 and Windows Server 2012 R2 | | | |
| Windows Server 2012 (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows Server 2012 R2 (3046049) | Security Feature Bypass | Important | None |
| Windows RT and Windows RT 8.1 | | | |
| Windows RT[1] (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows RT 8.1[1] (3046049) | Security Feature Bypass | Important | None |
| Server Core installation option | | | |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows Server 2012 (Server Core installation) (3046049) | Security Feature Bypass | Important | 3023562 in MS15-010 |
| Windows Server 2012 R2 (Server Core installation) (3046049) | Security Feature Bypass | Important | None |

Note The update is available for Windows Technical Preview and Windows Server Technical Preview. Customers running these operating systems are encouraged to apply the update, which is available via Windows Update.

[1] This update is available via Windows Update only.

After installing the update, EXPORT ciphers are still enabled on Windows Server 2003; how do I disable them?
To disable the EXPORT ciphers on Windows Server 2003 systems, follow the guidance provided in Microsoft Knowledge Base Article 3050509.

The following severity ratings assume the potential maximum impact of the vulnerability. For information regarding the likelihood, within 30 days of this security bulletin's release, of the exploitability of the vulnerability in relation to its severity rating and security impact, please see the Exploitability Index in the March bulletin summary.

Vulnerability Severity Rating and Maximum Security Impact by Affected Software

| Affected Software | Schannel Security Feature Bypass Vulnerability - CVE-2015-1637 | Aggregate Severity Rating |
|---|---|---|
| Windows Server 2003 | | |
| Windows Server 2003 Service Pack 2 (3046049) | Important, Security Feature Bypass | Important |
| Windows Server 2003 x64 Edition Service Pack 2 (3046049) | Important, Security Feature Bypass | Important |
| Windows Server 2003 with SP2 for Itanium-based Systems (3046049) | Important, Security Feature Bypass | Important |
| Windows Vista | | |
| Windows Vista Service Pack 2 (3046049) | Important, Security Feature Bypass | Important |
| Windows Vista x64 Edition Service Pack 2 (3046049) | Important, Security Feature Bypass | Important |
| Windows Server 2008 | | |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (3046049) | Important, Security Feature Bypass | Important |
| Windows Server 2008 for x64-based Systems Service Pack 2 (3046049) | Important, Security Feature Bypass | Important |
| Windows Server 2008 for Itanium-based Systems Service Pack 2 (3046049) | Important, Security Feature Bypass | Important |
| Windows 7 | | |
| Windows 7 for 32-bit Systems Service Pack 1 (3046049) | Important, Security Feature Bypass | Important |
| Windows 7 for x64-based Systems Service Pack 1 (3046049) | Important, Security Feature Bypass | Important |
| Windows Server 2008 R2 | | |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (3046049) | Important, Security Feature Bypass | Important |
| Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 (3046049) | Important, Security Feature Bypass | Important |
| Windows 8 and Windows 8.1 | | |
| Windows 8 for 32-bit Systems (3046049) | Important, Security Feature Bypass | Important |
| Windows 8 for x64-based Systems (3046049) | Important, Security Feature Bypass | Important |
| Windows 8.1 for 32-bit Systems (3046049) | Important, Security Feature Bypass | Important |
| Windows 8.1 for x64-based Systems (3046049) | Important, Security Feature Bypass | Important |
| Windows Server 2012 and Windows Server 2012 R2 | | |
| Windows Server 2012 (3046049) | Important, Security Feature Bypass | Important |
| Windows Server 2012 R2 (3046049) | Important, Security Feature Bypass | Important |
| Windows RT and Windows RT 8.1 | | |
| Windows RT (3046049) | Important, Security Feature Bypass | Important |
| Windows RT 8.1 (3046049) | Important, Security Feature Bypass | Important |
| Server Core installation option | | |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) (3046049) | Important, Security Feature Bypass | Important |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) (3046049) | Important, Security Feature Bypass | Important |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) (3046049) | Important, Security Feature Bypass | Important |
| Windows Server 2012 (Server Core installation) (3046049) | Important, Security Feature Bypass | Important |
| Windows Server 2012 R2 (Server Core installation) (3046049) | Important, Security Feature Bypass | Important |

Schannel Security Feature Bypass Vulnerability - CVE-2015-1637

A security feature bypass vulnerability exists in Secure Channel (Schannel) that is caused by an issue in the TLS state machine whereby a client system accepts an RSA key with a shorter key length than the originally negotiated key length. The vulnerability facilitates exploitation of the publicly disclosed FREAK technique, which is an industry-wide issue that is not specific to Windows operating systems.

In a man-in-the-middle (MiTM) attack, an attacker could downgrade the key length of an RSA key to EXPORT-grade length in an encrypted TLS session. The attacker could then intercept and decrypt this traffic. Any Windows system connecting to a TLS server as a client is affected. An attacker who successfully exploited this vulnerability could perform MiTM attacks that could decrypt encrypted traffic.

The security update addresses the vulnerability by correcting the cipher suite enforcement policies that are used when server keys are exchanged between servers and client systems.

This vulnerability has been publicly disclosed. It has been assigned Common Vulnerability and Exposure number CVE-2015-1637. When this bulletin was originally released, Microsoft had not received any information to indicate that this issue had been publicly used to attack customers.

Mitigating Factors

The following mitigating factors may be helpful in your situation:

  • A server needs to support RSA key exchange EXPORT ciphers for an attack to be successful; the ciphers are disabled in default configurations of Windows Vista/Server 2008 and later operating systems.

Workarounds

The following workarounds may be helpful in your situation:

  • Disable RSA key exchange ciphers using the Group Policy Object Editor (Windows Vista and later systems only)

    You can disable the RSA key exchange ciphers in Windows Vista and later systems by modifying the SSL Cipher Suite order in the Group Policy Object Editor.

    Note Installing this update (3046049) protects systems from the vulnerability discussed in this bulletin. Customers who have previously implemented this workaround will need to follow the steps for undoing the workaround if they want to use any of the ciphers that were previously disabled.

    To disable the RSA key exchange ciphers you have to specify the ciphers that Windows should use by performing the following steps:

    1. At a command prompt, type gpedit.msc and press Enter to start the Group Policy Object Editor.
    2. Expand Computer Configuration, Administrative Templates, Network, and then click SSL Configuration Settings.
    3. Under SSL Configuration Settings, double-click SSL Cipher Suite Order.
    4. In the SSL Cipher Suite Order window, click Enabled.
    5. In the Options: pane, double-click to highlight the entire contents of the SSL Cipher Suites field and then replace its contents with the following cipher list:
      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256,
      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384,
      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256,
      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384,
      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256,
      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384,
      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256,
      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384,
      TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
      TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
      TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384,
      TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256,
      TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384,
      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384,
      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256,
      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384,
      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256,
      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384,
      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256,
      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384,
      TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
      TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
      TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
      TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
      TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
      
    6. Click OK
    7. Close the Group Policy Object Editor and then restart your system.

     

    Impact of workaround. Windows will fail to connect to systems that do not support any of the ciphers listed in the workaround. To determine which ciphers are available for each cryptographic protocol refer to Cipher Suites in Schannel.


    How to undo the workaround. Follow these steps to disable the SSL Cipher Suite Order policy setting:

    1. At a command prompt, type gpedit.msc and press Enter to start the Group Policy Object Editor.
    2. Expand Computer Configuration, Administrative Templates, Network, and then click SSL Configuration Settings.
    3. Under SSL Configuration Settings, double-click SSL Cipher Suite Order.
    4. In the SSL Cipher Suite Order window, click Disabled and then click OK.
    5. Close the Group Policy Object Editor and then restart your system.
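
To confirm that the SSL Cipher Suite Order workaround above took effect, the following added example (not part of the original bulletin and not Microsoft's code) reads the list the policy stored and flags any suite that still uses RSA key exchange or is EXPORT-grade. Assumptions: the policy value is the Functions entry under the registry key shown in the code, suites are classified by name only, and the function name Get-RsaKeyExchangeSuite is hypothetical.

```powershell
# Added example: audit an SSL Cipher Suite Order list for suites the workaround removes.
function Get-RsaKeyExchangeSuite {
    param([string[]]$CipherList)

    # Accept either one comma-separated string or a multi-string value.
    $suites = ($CipherList -join ',') -split '[,\s]+' | Where-Object { $_ }

    foreach ($suite in $suites) {
        $reasons = @()
        # Assumption: classification is by suite name. TLS_RSA_* means static RSA
        # key exchange (no DHE/ECDHE); EXPORT in the name means export-grade keys.
        if ($suite -match '^TLS_RSA_') { $reasons += 'RSA key exchange' }
        if ($suite -match 'EXPORT')    { $reasons += 'EXPORT-grade' }
        if ($reasons.Count -gt 0) {
            New-Object PSObject -Property @{ Suite = $suite; Reason = ($reasons -join ', ') }
        }
    }
}

# Assumed location of the value written by the "SSL Cipher Suite Order" policy setting.
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002'
$policy = Get-ItemProperty -Path $policyKey -Name Functions -ErrorAction SilentlyContinue

if (-not $policy) {
    Write-Output 'SSL Cipher Suite Order policy is not configured; Schannel defaults apply.'
} else {
    $flagged = @(Get-RsaKeyExchangeSuite -CipherList $policy.Functions)
    if ($flagged.Count -eq 0) {
        Write-Output 'No RSA key exchange or EXPORT suites in the policy list.'
    } else {
        $flagged | Format-Table Suite, Reason -AutoSize
    }
}

# Constructed sample list (not read from any system) showing what gets flagged:
# the first suite passes, the second and third are reported.
$sample = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_EXPORT_WITH_RC4_40_MD5'
Get-RsaKeyExchangeSuite -CipherList $sample | Format-Table Suite, Reason -AutoSize
```

A "not configured" result after undoing the workaround is expected, since disabling the policy setting returns Schannel to its default suite order.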

For Security Update Deployment information, see the Microsoft Knowledge Base article referenced here in the Executive Summary.

Microsoft recognizes the efforts of those in the security community who help us protect customers through coordinated vulnerability disclosure. See Acknowledgments for more information.

The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

  • V1.0 (March 10, 2015): Bulletin published.
  • V1.1 (March 24, 2015): Revised bulletin to add an FAQ directing customers to Microsoft Knowledge Base Article 3050509 for instructions on how to disable EXPORT ciphers after installing the update on Windows Server 2003 systems.

Page generated 2015-03-23 16:56Z-07:00.