This host is missing an important security update according to Microsoft Security Advisory 2977292.

Successful exploitation allow an attacker to perform man-in-the-middle attacks and recover plaintext from encrypted sessions. Impact Level: System.

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, https://technet.microsoft.com/en-US/library/security/2977292

The error exists due to use of lower versions of TLS allowing recovery of plaintext from encrypted sessions.

Microsoft Windows 7 x32/x64 Edition Service Pack 1 and prior. Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior. Microsoft Windows 8 x32/x64. Microsoft Windows 8.1 x32/x64 Edition. Microsoft Windows Server 2012/R2.

Get the vulnerable file version and check appropriate patch is applied or not.

• https://support.microsoft.com/kb/2977292
• https://technet.microsoft.com/en-US/library/security/2977292

---

Updated on 2015-03-25