Microsoft Windows Cipher Suites For FalseStart MiTM Vulnerability (3155527)

This host is missing a security update according to Microsoft Security Advisory 3155527 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS KB3155527: Update to Cipher Suites for FalseStart

The remote Windows host is affected by a cipher downgrade vulnerability in FalseStart due to allowing TLS clients to send application data before receiving and verifying the server 'Finished' message. A man-in-the-middle attacker can exploit this to force a TLS client to encrypt the first flight ...