Microsoft has fixed a bug in multiple versions of Windows and Windows Server that causes SSL / TLS handshake errors.
People experiencing this vulnerability see the SEC_E_ILLEGAL_MESSAGE notification on applications that try to connect to servers.
“We are fixing an issue that may affect some types of Secure Sockets Layer (SSL) and Transport Layer Security (TLS.) (opens in a new tab)) connections. These connections can have handshake failures, ”Microsoft said in announcement (opens in a new tab).
Affects multiple versions
Affected versions include Windows 11 (opens in a new tab) 22H2; Windows 11 21H2; Windows 10 21H2; Windows 10 21H1; Windows 10 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; and Windows 7 SP1.
For servers, the affected versions include Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; and Windows Server 2008 R2 SP1.
This is an out-of-band update, meaning it will not be automatically deployed through Windows Update, Windows Update for Business, or Windows Server Update Services (WSUS).
Instead, users interested in downloading updates must go to the Microsoft Update directory (opens in a new tab) and manually add them to Microsoft Endpoint Configuration Manager or Windows Server Update Services (WSUS).
Microsoft is no stranger to out of band updates. The last time we had such an update was in May 2022, when the company fixed a problem that prevented applications downloaded from the Windows Store from working properly on endpoints.
However, Hissing computer (opens in a new tab) discovered that the Cluster service may not start after installing the hotfix. In this case, it is because the update of the PnP class drivers used by the service has removed the cluster network driver.
A hotfix is still in operation for Windows 10 2016 LTSB, Windows Server 2016, and Windows 10 2015 LTSB.