question

SelvamPrabhakarPanner-3711 avatar image
0 Votes"
SelvamPrabhakarPanner-3711 asked PercivalYang-MSFT answered

Please help for vulnerability SSL Bar Mitzvah and SWEEt32

Hi Windows leads,

We have below vulnerabilities on Web Server, DB server, and application Server:

SSL Medium Strength Cipher Suites Supported (SWEET32)
SSL RC4 Cipher Suites Supported (Bar Mitzvah)

OS version: Windows Server 2008 R2
IIS Version: 8.5.9600.16384
.Net Version: 4.5

Please find the attachments we did on registry for your reference.

We have made changes on Registry like HKey local machine/system/current control set/SecuriyProviders/Ciphers/Enabled AES only, and in Hashes Enabled all and in KeyExchangeAlgorithms Enabled all and in Protocols enabled only TLS 1.2.

The issue was due to vulnerability (SSL Bar Mitzvah and SWEET32) on DEV server MS238GSECWS02D from weekly security report. We have done changes on registry which was recommended by Microsoft and updated KBs. Before done changes on registry, I have taken backup of registry. After that system doesn’t comes online. I have tried to restore registry from backup. That doesn’t work. Then have contacted 2nd watch team to restore last day backup of root drive. The issue got resolved before Non-Business hours.

Kindly provide more information and help us to resolve this issue.

Thanks & Regards
7829124152

105817-ssl-barwizh-and-sweet-32.png


windows-server
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

PercivalYang-MSFT avatar image
0 Votes"
PercivalYang-MSFT answered

Hello
Please do not repeatedly submit the same case on forum, The origin question has been answered, check it please.



If the Answer is helpful, please click "Accept Answer" and upvote it.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.