Microsoft Windows Server | WI445227

Impact: We have received reports that some types of SSL and TLS connections might have handshake failures. Originating KB URL: https://support.microsoft.com/en-us/topic/5018474 Originating KB Release Date: 2022-10-11T10:00:00-07:00 Originating Build: N/A Resolved KB URL: https://support.microsoft.com/en-us/topic/5020447 Date Resolved: 2022-10-17T14:00:00-07:00 Vendor Message History: ======================= Published: 2022-10-17T21:24:26.133+00:00 ---------------------------------------- Microsoft has received reports that after installing KB5018474 (https://support.microsoft.com/help/5018474), some types of SSL (Secure Sockets Layer) and TLS (Transport Layer Security) connections might have handshake failures. Note for developers: Affected connections are likely to be sending multiple frames within a single input buffer, specifically one or more complete records with a partial record that is less than 5 bytes all sent in a single buffer. When this issue is encountered, your app will receive SEC_E_ILLEGAL_MESSAGE when the connection fails. If you are experiencing issues, please use feedback hub to file a report following the below steps: 1. Launch Feedback Hub by opening the Start menu and typing "Feedback hub", or pressing the Windows key + F 2. Fill in the "Summarize your feedback" and "Explain in more detail" boxes, then click Next. 3. Under the "Choose a category" section, ensure the "Problem" button, "Devices and Drivers" category, and "Print" subcategory are all selected. Click Next. 4. Under the "Find similar feedback" section, select the "Make new bug" radio button and click Next. 5. Under the "Add more details" section, supply any relevant detail (Note this is not critical to addressing your issue). 6. Expand the "Recreate my problem" box and press "Start recording". Reproduce the issue on your device. 7. Press "Stop recording" once finished. Click the "Submit" button. For additional information, see Send feedback to Microsoft with the Feedback Hub app (https://support.microsoft.com/windows/send-feedback-to-microsoft-with-the-feedback-hub-app-f59187f8-8739-22d6-ba93-f66612949332). Resolution: This issue was resolved in the out-of-band update KB5020447 (https://support.microsoft.com/help/5020447). To get the standalone package for KB5020447 (https://support.microsoft.com/help/5020447), search for it in the Microsoft Update Catalog. Note KB5020447 (https://support.microsoft.com/help/5020447) is not available from Windows Update and will not install automatically. You can manually import these updates into Windows Server Update Services (WSUS) and Microsoft Endpoint Configuration Manager. For WSUS instructions, see WSUS and the Catalog Site (https://docs.microsoft.com/windows-server/administration/windows-server-update-services/manage/wsus-and-the-catalog-site#the-microsoft-update-catalog-site). For Configuration Manger instructions, see Import updates from the Microsoft Update Catalog (https://docs.microsoft.com/mem/configmgr/sum/get-started/synchronize-software-updates#import-updates-from-the-microsoft-update-catalog). Important: If you are using security only updates for affected versions of Windows, you only need to install these standalone updates for the month of October 2022. Security only updates are not cumulative, and you will also need to install all previous Security only updates to be fully up to date. Monthly rollup updates are cumulative and include security and all quality updates. If you are normally using Monthly rollup updates, you will need to install both the standalone updates listed above to resolve this issue, and install the Monthly rollups released October 11, 2022 to receive the quality updates for October 2022. Affected platforms: - Client: Windows 11, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1 - Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1 Published: 2022-10-13T00:17:27.29+00:00 ---------------------------------------- Microsoft has received reports that after installing KB5018474 (https://support.microsoft.com/help/5018474), some types of SSL (Secure Sockets Layer) and TLS (Transport Layer Security) connections might have handshake failures. Note for developers: Affected connections are likely to be sending multiple frames within a single input buffer, specifically one or more complete records with a partial record that is less than 5 bytes all sent in a single buffer. When this issue is encountered, your app will receive SEC_E_ILLEGAL_MESSAGE when the connection fails. If you are experiencing issues, please use feedback hub to file a report following the below steps: 1. Launch Feedback Hub by opening the Start menu and typing "Feedback hub", or pressing the Windows key + F 2. Fill in the "Summarize your feedback" and "Explain in more detail" boxes, then click Next. 3. Under the "Choose a category" section, ensure the "Problem" button, "Devices and Drivers" category, and "Print" subcategory are all selected. Click Next. 4. Under the "Find similar feedback" section, select the "Make new bug" radio button and click Next. 5. Under the "Add more details" section, supply any relevant detail (Note this is not critical to addressing your issue). 6. Expand the "Recreate my problem" box and press "Start recording". Reproduce the issue on your device. 7. Press "Stop recording" once finished. Click the "Submit" button. For additional information, see Send feedback to Microsoft with the Feedback Hub app (https://support.microsoft.com/windows/send-feedback-to-microsoft-with-the-feedback-hub-app-f59187f8-8739-22d6-ba93-f66612949332). Next steps: We are presently investigating and will provide an update when more information is available. Affected platforms: - Client: Windows 11, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1 - Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1 Published: 2022-10-12T02:32:42.27+00:00 ---------------------------------------- Microsoft has received reports that after installing KB5018474 (https://support.microsoft.com/help/5018474), some types of SSL (Secure Sockets Layer) and TLS (Transport Layer Security) connections might have handshake failures. Note for developers: Affected connections are likely to be sending multiple frames within a single input buffer. When this issue is encountered, your app will receive SEC_E_INCOMPLETE_MESSAGE when the connection fails. If you are experiencing issues, please use feedback hub to file a report following the below steps: 1. Launch Feedback Hub by opening the Start menu and typing "Feedback hub", or pressing the Windows key + F 2. Fill in the "Summarize your feedback" and "Explain in more detail" boxes, then click Next. 3. Under the "Choose a category" section, ensure the "Problem" button, "Devices and Drivers" category, and "Print" subcategory are all selected. Click Next. 4. Under the "Find similar feedback" section, select the "Make new bug" radio button and click Next. 5. Under the "Add more details" section, supply any relevant detail (Note this is not critical to addressing your issue). 6. Expand the "Recreate my problem" box and press "Start recording". Reproduce the issue on your device. 7. Press "Stop recording" once finished. Click the "Submit" button. For additional information, see Send feedback to Microsoft with the Feedback Hub app (https://support.microsoft.com/windows/send-feedback-to-microsoft-with-the-feedback-hub-app-f59187f8-8739-22d6-ba93-f66612949332). Next steps: We are presently investigating and will provide an update when more information is available. Affected platforms: - Client: Windows 11, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1 - Server: Windows Server 2022; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1