Jump to content
  • Microsoft fixes TLS handshake failures in Windows 11 22H2

    alf9872000

    • 533 views
    • 2 minutes
     Share


    • 533 views
    • 2 minutes

    Microsoft has addressed a known issue that triggers SSL/TLS handshake failures on client and server platforms with the release of the KB5018496 preview cumulative update.

     

    Caused by Windows security updates released during this month's Patch Tuesday, on October 11th, the issue has now also been fixed on Windows 11 22H2 systems.

     

    On impacted Windows 11 devices, users see SEC_E_ILLEGAL_MESSAGE errors in applications when connections to servers experience issues.

     

    "We address an issue that might affect some types of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) connections. These connections might have handshake failures," Microsoft said.

     

    "For developers, the affected connections are likely to receive one or more records followed by a partial record with a size of less than 5 bytes within a single input buffer."

     

    Since KB5018496 is an optional preview update, it doesn't contain any security fixes and will not be installed automatically.

     

    You can install it on your device by going into Settings > Windows Update, clicking 'Check for Updates,' and then selecting the optional preview to download and install.

    Out-of-band updates for older Windows versions

    Microsoft has also released out-of-band standalone packages and cumulative updates to address the issue on older Windows versions:

     

    • Cumulative updates:
      • Windows 11, version 21H2: KB5020387
      • Windows Server 2022: KB5020436
      • Windows 10, version 20H2; Windows 10, version 21H1; Windows 10, version 22H1; Windows 10 Enterprise LTSC 2021: KB5020435
      • Windows 10 Enterprise LTSC 2019; Windows Server 2019: KB5020438
      • Windows 10 2016 LTSB; Windows Server 2016: KB5020439
      • Windows 10 2015 LTSB; KB5020440

     

    • Standalone Updates:
      • Windows 8.1; Windows Server 2012 R2: KB5020447
      • Windows Server 2012: KB5020449
      • Windows 7 SP1; Windows Server 2008 R2 SP1: KB5020448

     

    These updates can't be installed via Windows Update, Windows Update for Business, or Windows Server Update Services (WSUS).

     

    To install them, you must download them from the Microsoft Update Catalog and import them into WSUS and Microsoft Endpoint Configuration Manager.

     

    You can find the complete list of fixes and improvements included with the KB5018496 preview update in this support bulletin.

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...