Microsoft moves to patch this potentially serious security flaw
>
Microsoft has fixed a bug affecting multiple versions of Windows and Windows Server that caused SSL/TLS handshake errors.
Those experiencing the error will see a SEC_E_ILLEGAL_MESSAGE message appear in applications trying to connect to servers.
“We are addressing an issue that may affect some types of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) (opens in new tab)) connections. These connections can have handshake failures,” Microsoft said in a statement Announcement (opens in new tab).
Multiple versions affected
Affected versions include Windows 11 (opens in new tab) 22H2; Windows 11 21H2; Windows 10 21H2; Windows 10 21H1; Windows 10 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; and Windows 7 SP1.
For servers, affected versions include Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; and Windows Server 2008 R2 SP1.
This is an out-of-band update, meaning it will not be automatically deployed through Windows Update, Windows Update for Business, or Windows Server Update Services (WSUS).
Instead, users interested in getting the update should go to the Microsoft Update Catalog (opens in new tab) and manually add them to Microsoft Endpoint Configuration Manager or Windows Server Update Services (WSUS).
Microsoft is no stranger to out-of-band updates. The last time we had such an update was in May 2022, when the company fixed an issue that prevented applications downloaded from the Windows Store from working correctly on endpoints.
However, BleepingComputer (opens in new tab) found that after installing the patch, the Cluster service may not start. In this case, it happens because an update to the PnP class drivers used by the service removed a Cluster network driver.
The fix is still in the works for Windows 10 2016 LTSB, Windows Server 2016 and Windows 10 2015 LTSB.