Home / bulletins MS12-006 - Important : Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584) - Version: 1.2
Posted on 09 July 2013
There is an newer version: MS12-006 - Version: 1.3
ImportantSeverity Rating: Important
Revision Note: V1.2 (July 9, 2013): Bulletin revised to announce a detection change in the Windows Vista packages for the 2585542 update to correct a Windows Update reoffering issue. This is a detection change only. Customers who have already successfully updated their systems do not need to take any action.
Summary: This security update resolves a publicly disclosed vulnerability in SSL 3.0 and TLS 1.0. This vulnerability affects the protocol itself and is not specific to the Windows operating system. The vulnerability could allow information disclosure if an attacker intercepts encrypted web traffic served from an affected system. TLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.Other versions
- MS12-006 - Version: 1.0
- MS12-006 - Version: 1.1
- MS12-006 - Version: 1.2
- MS12-006 - Version: 1.3
