BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Defense in depth -- the Microsoft way (part 19): still no "perfect forward secrecy" per default in Windows 8/7/Vista/Server 2012/Server 2008 [R2] Sep 06 2014 08:52PM
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

on April 8, 2014 Microsoft published an update for Windows 8.1 and
Windows Server 2012 R2 (see <http://support.microsoft.com/kb/2929781>)
which enables "perfect forward secrecy" per default by reordering of
the TLS cipher suites.

Unfortunately Microsoft has not published corresponding upd...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus