News

Security Advisory for SSL/TLS Flaw Released by Microsoft

• By Chris Paoli
• 09/27/2011

In response to a new threat of attack caused by a flaw in the Secure Socket Layer (SSL) 3.0 and Transport Layer Security (TLS) 1.0, Microsoft has issued Security Advisory 2588513, which contains a description and workarounds.

The flaw, discovered and demonstrated by two security researchers last week, allows for a potential attacker to pull off a man-in-the-middle exploit by gaining access to a user's machine through an active HTTPS session.

In the demonstration, security researchers Thai Duong and Juliano Rizzo showed how their SSL exploit tool called BEAST (consisting of a Javascript/applet agents and a network sniffer) can decrypt existing cookies on a Web site to gain access to a target's machine. The two used their tool on the PayPal Web site to demonstrate that even the most secure sites are vulnerable to this flaw.  

"Once an agent has been loaded, BEAST can patiently wait until you sign in to some valuable websites to steal your accounts," wrote Doung, in a blog post.

While the two showed that an SSL attack using Javascript agents could succeed in hijacking personal information and executing malicious code, Microsoft says it believes that the possibility of a successful attack in the wild is slim.

Speaking on what is required to pull off such an attack, Microsoft said the following, in a TechNet blog post:

• "The HTTPS session must be actively attacked by a man-in-the-middle; simply observing the encrypted traffic is not sufficient.
• The malicious code the attacker uses to decrypt the HTTPS traffic must be injected and run within the user's browser session.
• The attacker's malicious code needs to be treated as from the same origin as the HTTPS server in order to it to be allowed to piggyback on an existing HTTPS connection. Most likely it requires the attacker to exploit another vulnerability to bypass the browser's same origin policy."

While the exploit only works in TLS versions 1.0, most browsers do not provide support for newer versions (TLS 1.1 and 1.2), and in Microsoft's case, Internet Explorer does not have TLS 1.1 activated as its default setting due to compatibility issues. Microsoft said it is waiting for worldwide servers to implement correct HTTPS protocols before it can set TLS 1.1 to default.

Microsoft did not provide a fix with Monday's security advisory. However, it did provide a handful of workarounds, which include switching on TLS 1.1 in Internet Explorer, enabling Microsoft's browser to prompt users before running Active Scripting and prioritizing the RC4 algorithm to secure communication, among others.