Author Topic: Informational: Microsoft KB2163017 & KB3163018  (Read 8056 times)

Offline io

  • Jr. Member
  • **
  • Posts: 39
  • Country: us
  • Karma: +1/-0
    • View Profile
Informational: Microsoft KB2163017 & KB3163018
« on: June 15, 2016, 11:06:55 AM »
Microsoft released a cumulative update this week to address a number of security-related issues in Windows 10. Unfortunately, this update appears to sever MiCollab Client's ability to communicate with its servers. After login, the client reports "Disconnected from server" and repeatedly attempts to re-connect. I noted this issue today after updating a PC running MiCollab 6.0.510. Uninstalling the referenced Windows Update resolved the issue.
« Last Edit: June 20, 2016, 12:09:27 PM by irongladiator »

Offline ralph

  • Mitel Forums Admin
  • Hero Member
  • *****
  • Posts: 5815
  • Country: us
  • Karma: +473/-0
  • Published Author: http://amzn.to/2dcYSY5
    • View Profile
Re: Informational: Microsoft KB2163017
« Reply #1 on: June 15, 2016, 03:02:53 PM »
Thanks for letting us know that.
It could save a lot of frustration knowing that MS broke stuff again.

Ralph

Offline irongladiator

  • Global Moderator
  • Sr. Member
  • *****
  • Posts: 346
  • Country: us
  • Karma: +13/-0
    • View Profile
Re: Informational: Microsoft KB2163017
« Reply #2 on: June 20, 2016, 11:50:41 AM »
Hello Fellow Mitel Techs,
I also wanted to add that we have a customer that has MiCollab with Voice 6.0.206.0 and using MiCollab Client 6.0.509.0. When used on a Windows 10 Machine with MS Update KB3163018 they reported that they were no longer able to keep a connection (See Pic Below).



They also reported that once the Microsoft update was removed they were once again able to maintain a connection and have the MiCollab Client operate as normal.

I opened up a ticket with Mitel on it and their official response was that in order to support Windows 10 that they would need to upgrade to MiCollab 7.1.

Just wanted to share with y'all.

Thanks,
-Iron

Offline io

  • Jr. Member
  • **
  • Posts: 39
  • Country: us
  • Karma: +1/-0
    • View Profile
Re: Informational: Microsoft KB2163017
« Reply #3 on: June 20, 2016, 11:55:22 AM »
Hello Fellow Mitel Techs,
I also wanted to add that we have a customer that has MiCollab with Voice 6.0.206.0 and using MiCollab Client 6.0.509.0. When used on a Windows 10 Machine with MS Update KB3163018 they reported that they were no longer able to keep a connection (See Pic Below).


They also reported that once the Microsoft update was removed they were once again able to maintain a connection and have the MiCollab Client operate as normal.

I opened up a ticket with Mitel on it and their official response was that in order to support Windows 10 that they would need to upgrade to MiCollab 7.1.

Just wanted to share with y'all.

Thanks,
-Iron

Good catch - I noticed the same issue from KB3163018. Is there a way I can edit the title of this topic so that both updates are referenced?

Offline irongladiator

  • Global Moderator
  • Sr. Member
  • *****
  • Posts: 346
  • Country: us
  • Karma: +13/-0
    • View Profile
Re: Informational: Microsoft KB2163017
« Reply #4 on: June 20, 2016, 12:11:22 PM »
Good catch - I noticed the same issue from KB3163018. Is there a way I can edit the title of this topic so that both updates are referenced?

io,
This topic has been modified at your request.  :)

Thanks,
-Iron
« Last Edit: June 20, 2016, 12:13:35 PM by irongladiator »

Offline io

  • Jr. Member
  • **
  • Posts: 39
  • Country: us
  • Karma: +1/-0
    • View Profile
Re: Informational: Microsoft KB2163017 & KB3163018
« Reply #5 on: June 20, 2016, 12:17:01 PM »
Many thanks!

Offline sebiluke

  • Contributer
  • *
  • Posts: 5
  • Country: ca
  • Karma: +0/-0
    • View Profile
Re: Informational: Microsoft KB2163017 & KB3163018
« Reply #6 on: June 21, 2016, 02:24:10 PM »
Workaround...add this registry key :

It's working great for me..

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman]
 "ClientMinKeyBitLength"=dword:00000200

Offline io

  • Jr. Member
  • **
  • Posts: 39
  • Country: us
  • Karma: +1/-0
    • View Profile
Re: Informational: Microsoft KB2163017 & KB3163018
« Reply #7 on: June 21, 2016, 02:41:14 PM »
Workaround...add this registry key :

It's working great for me..

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman]
 "ClientMinKeyBitLength"=dword:00000200

Nice catch. What is your understanding on how this works?

Offline sebiluke

  • Contributer
  • *
  • Posts: 5
  • Country: ca
  • Karma: +0/-0
    • View Profile
Re: Informational: Microsoft KB2163017 & KB3163018
« Reply #8 on: June 21, 2016, 02:45:51 PM »
Check this old post on microsoft : https://support.microsoft.com/en-us/kb/3061518

it's seem the minimum allowed DHE key length on client computers is changed to 1,024 bits by default, instead of the previous minimum allowed key length of 512 bits...beacause 512bits are less secure...and probably UCA use 512bits keys...

Offline io

  • Jr. Member
  • **
  • Posts: 39
  • Country: us
  • Karma: +1/-0
    • View Profile
Re: Informational: Microsoft KB2163017 & KB3163018
« Reply #9 on: June 21, 2016, 02:48:31 PM »
Good to know - thanks.

Offline Microfiche

  • Jr. Member
  • **
  • Posts: 53
  • Country: ca
  • Karma: +1/-0
    • View Profile
Re: Informational: Microsoft KB2163017 & KB3163018
« Reply #10 on: June 24, 2016, 11:43:57 AM »
I had to create the Diffie-Hellman key and then add the D-WORD values, but worked well on a Win 7 Pro machine without uninstalling the Windows update(s)

Offline Sucamarto

  • New Member
  • *
  • Posts: 1
  • Country: au
  • Karma: +0/-0
    • View Profile
Re: Informational: Microsoft KB2163017 & KB3163018
« Reply #11 on: June 28, 2016, 10:30:22 PM »
Workaround...add this registry key :

It's working great for me..

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman]
 "ClientMinKeyBitLength"=dword:00000200

Sorry and i may be mistaken but doesn't this workaround expose a security hole in Windows as per the following Windows Security fix?

MS15-055: Vulnerability in Schannel could allow information disclosure: May 12, 2015
https://support.microsoft.com/en-us/kb/3061518

Offline VinceWhirlwind

  • Hero Member
  • *****
  • Posts: 899
  • Country: au
  • Karma: +31/-0
    • View Profile
Re: Informational: Microsoft KB2163017 & KB3163018
« Reply #12 on: June 28, 2016, 11:46:50 PM »
Yes, if you browse to the internet, and if somebody (through hijacked DNS or hijacked physical infrastructure) is on the path of your communication, they could use a Logjam attack to break your keys and read your traffic.
 
In other words, some internet users if they web-browse to the wrong place, might not be benefiting from the encryption they think they have.
 
So tell all your users to stop browsing the internet and get back to work.

Offline io

  • Jr. Member
  • **
  • Posts: 39
  • Country: us
  • Karma: +1/-0
    • View Profile
Re: Informational: Microsoft KB2163017 & KB3163018
« Reply #13 on: June 29, 2016, 08:50:30 AM »

Sorry and i may be mistaken but doesn't this workaround expose a security hole in Windows as per the following Windows Security fix?

MS15-055: Vulnerability in Schannel could allow information disclosure: May 12, 2015
https://support.microsoft.com/en-us/kb/3061518

My take on this situation is that any workaround for this issue is going to involve creating a vulnerability. Microsoft is addressing a security flaw that older versions of the UCA do not support. The only real fix is to upgrade your systems and applications.

 

Sitemap 1 2 3 4 5 6 7 8 9 10