On 10/26/2022 10:56 AM, Viktor Dukhovni wrote:
RAPTOR REMARK: Alert! Please be careful! This email is from an EXTERNAL sender.
Be aware of impersonation and credential theft.
On Wed, Oct 26, 2022 at 03:56:29PM +0200, Gerald Galster wrote:
This issue is resolved by update KB5018496 for Windows 11 22H2 x64:
https://support.microsoft.com/en-us/topic/october-25-2022-kb5018496-os-build-22621-755-preview-64040bea-1e02-4b6d-bad1-b036200c2cb3
October 25, 2022—KB5018496 (OS Build 22621.755) Preview
[...]
It addresses an issue that might affect some types of Secure Sockets
Layer (SSL) and Transport Layer Security (TLS) connections. These
connections might have handshake failures. For developers, the
affected connections are likely to send multiple frames followed by a
partial frame with a size of less than 5 bytes within a single input
buffer. If the connection fails, your app will receive the error,
“SEC_E_ILLEGAL_MESSAGE”.
There were perhaps additional resolved issues that were not mentioned,
since the PCAP files show no such packets. However, if the immediate
issue is no longer reproducible, I guess that's progress.
I wanted to mention that the update also broke some of the older Adobe
products we had in use because the DRM comms channels used TLS 1.0 and I
believe it disabled everything by TLS 1.2 in Edge by default.
Not necessarily saying Microsoft's choice was bad but it points out
Adobe's poor infrastructure for their DRM.
Regards,
KAM
