Microsoft moves to patch this potentially serious security flaw

Microsoft logo outside building
(Image credit: gguy / Shutterstock)

Microsoft has fixed a bug plaguing multiple versions of Windows and Windows Server that's triggering SSL/TLS handshake failures. 

Those experiencing the flaw see a SEC_E_ILLEGAL_MESSAGE notification pop up in applications that try to connect to servers. 

"We address an issue that might affect some types of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) connections. These connections might have handshake failures," Microsoft said in an announcement.

Multiple versions affected

The affected versions include Windows 11 22H2; Windows 11 21H2; Windows 10 21H2; Windows 10 21H1; Windows 10 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; and Windows 7 SP1. 

For servers, affected versions include Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; and Windows Server 2008 R2 SP1.

This is an out-of-band update, meaning it won’t be automatically deployed via Windows Update, Windows Update for Business, or Windows Server Update Services (WSUS). 

Instead, users interested in picking the update up need to head over to the Microsoft Update Catalog and manually add them either into the Microsoft Endpoint Configuration Manager, or Windows Server Update Services (WSUS).

Microsoft is no stranger to out-of-band updates. Last time we had such an update was in May 2022, when the company fixed a problem that prevented applications downloaded from the Windows Store from properly running on endpoints.

However, BleepingComputer discovered that after installing the patch, the Cluster Service might fail to start. In this case, this happens because an update to the PnP class drivers used by the service removed a Cluster Network Driver.

The fix is still in the works for Windows 10 2016 LTSB, Windows Server 2016, and Windows 10 2015 LTSB.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.