News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Another patch-induced bug: Transport Layer Security fails with error 0x8009030f

    Home Forums AskWoody blog Another patch-induced bug: Transport Layer Security fails with error 0x8009030f

    This topic contains 12 replies, has 7 voices, and was last updated by  abbodi86 4 days, 23 hours ago.

    • Author
      Posts
    • #1995526 Reply

      woody
      Da Boss

      Microsoft has acknowledged a problem with the latest patches for Win7, 8.1, Server 2008,  2008 R2, 2012, 2012 R2 and Server 2016 – Monthly Rollups, Se
      [See the full post at: Another patch-induced bug: Transport Layer Security fails with error 0x8009030f]

      7 users thanked author for this post.
    • #1995544 Reply

      techweenie
      AskWoody Lounger

      According to the article, as long as both systems are up to date you won’t encounter this issue.  Systems that haven’t been updated since 2015 are all that’s affected, and if you’re still using a machine in that sate, well you’ve got a bigger problem than this.

      4 users thanked author for this post.
    • #1995631 Reply

      anonymous

      I monitor 2 systems that generate a similar error on average about once every 2 weeks, but sometimes in clusters of 4-6 in a few minutes.  Both systems are up to date and they are not connected other than to the internet using conventional routers.

      The Event Viewer error message is:  Schannel 36887:  A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

      One system is Win7 Home which was installed in 2011.  The other is Win8.1 Home which was installed in mid-2017.

      I have not yet tracked down the reason and Dr Google is distinctly unhelpful.  I will add this to my notes and keep an eye on both systems!  One day….

      1 user thanked author for this post.
      • #1995635 Reply

        techweenie
        AskWoody Lounger

        I’ve seen that error for years on every server I manage. As far as I tell it’s just a generic SSL error that doesn’t mean much. If everything you do works normally I would forget about it.

        1 user thanked author for this post.
    • #1995722 Reply

      Mr. Natural
      AskWoody Plus

      I wonder if this has anything to do with TLS 1.0 and 1.1 reaching EOL at the end of the year? Microsoft has been working for a while now on dropping support for those protocols and will be doing so with legacy email apps.

      Red Ruffnsore reporting from the front lines.

    • #1995757 Reply

      anonymous

      Is this error associated with KB4520005, cumulative roll up for October W8.1 systems?

    • #1995797 Reply

      RM
      AskWoody Plus

      the KB article states that KB4519976, Win 7 roll up  is one of the affected updates.  Does that mean that the Master Patch list will be updated to reflect this latest Microsoft conundrum?  I am just wondering if we should just skip this roll up and wait till the November roll up hits?  Any one else have an opinion?

      • #1995851 Reply

        abbodi86
        AskWoody_MVP

        It’s a security feature restriction, not a bug

    • #1996040 Reply

      mn–
      AskWoody Lounger

      Systems that haven’t been updated since 2015 are all that’s affected,

      Actually some systems only got that update much later and OpenSSL 1.0.2 branch maintenance release t (less than 2 months old) still doesn’t have it.

      So there’s a risk, yes… particularly with embedded devices and other IoT and such.

      It’s a security feature restriction, not a bug

      Exactly. Worst case, have to drop some of the better ciphers and use less secure alternatives in SSL/TLS. Could be a lot of adjustment work if you’re affected.

    • #1996214 Reply

      anonymous

      Is this related to IE or Edge?

      If not, what does TLS have to do with the OS?

      • #1996422 Reply

        mn–
        AskWoody Lounger

        Is this related to IE or Edge?

        They’re two entries on the very large list of things that use it…

        If not, what does TLS have to do with the OS?

        You mean, other than the part where the OS comes with an implementation of it, for applications and such to use?

    • #2001019 Reply

      abbodi86
      AskWoody_MVP

      The KB article is updated with more details, and now lists all Windows versions as affected

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Another patch-induced bug: Transport Layer Security fails with error 0x8009030f

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.