Vulnerability in SSL 3.0 – Poodle attack and Exchange 2010 or Exchange 2013



Hi all,


a quick word about this SSL 3.0 vulnerability and Exchange Server, since there is nothing Exchange-specific in our recommendations.

Microsoft's suggested actions to mitigate or eliminate the SSL 3.0 vulnerability are to disable SSL 3.0 on clients (browsers, devices) and on servers. The vulnerability is not a huge threat in itself: the attacker must be positioned in the middle of a client <-> server SSL session to carry out the attack, and the TechNet vulnerability description lists the following mitigating factors:

Mitigating Factors:

· The attacker must make several hundred HTTPS requests before the attack could be successful.

· TLS 1.0, TLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.

Disabling SSL 3.0 on the client prevents that client from using SSL 3.0 to establish secure channels; it will negotiate TLS instead. The consequence falls on services (application servers) that do not support TLS and rely on SSL 3.0 alone: clients without SSL 3.0 will no longer be able to reach them, because the two sides have no protocol version in common. Exchange Server supports TLS for channel encryption and therefore works without SSL 3.0, which is what it negotiates by default anyway.

To understand the difference between the two, here is the TechNet description, quoted rather than reinventing the wheel:

What is SSL? 
Secure Sockets Layer (SSL) is a cryptographic protocol that provides communication security over the Internet. SSL encrypts the data transported over the network, using cryptography for privacy and a keyed message authentication code for message reliability.

What is TLS?
Transport Layer Security (TLS) is a standard protocol that is used to provide secure web communications on the Internet or on intranets. It enables clients to authenticate servers or, optionally, servers to authenticate clients. It also provides a secure channel by encrypting communications. TLS is the latest version of the Secure Sockets Layer (SSL) protocol.


So disabling SSL 3.0 on the Windows Server hosting the Exchange server application won't affect the usual Exchange services; it will only prevent clients that cannot "speak" TLS (those that speak SSL 2.0/3.0 only) from connecting to Exchange services over a secure channel.

All other clients, such as Outlook and Internet Explorer, will continue to work seamlessly with the Exchange services.


Disable SSL 3.0 in Windows

You can disable support for the SSL 3.0 protocol on Windows by following these steps:

1. Click Start, click Run, type regedt32 or type regedit, and then click OK.

2. In Registry Editor, locate the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server

Note If the complete registry key path does not exist, you can create it by expanding the available keys and using the New -> Key option from the Edit menu.

3. On the Edit menu, click Add Value (in regedit: point to New, then click DWORD (32-bit) Value).

4. In the Data Type list, click DWORD.

5. In the Value Name box, type Enabled, and then click OK.

Note If this value is already present, double-click it to edit its current value.

6. Type 00000000 in the Binary Editor (or 0 in regedit) so that the value of the new entry equals "0".

7. Click OK. Restart the computer.

Note This workaround will disable SSL 3.0 for all server software installed on a system, including IIS.

Note After applying this workaround, clients that rely only on SSL 3.0 will not be able to communicate with the server.

(Source: https://technet.microsoft.com/en-us/library/security/3009008.aspx)
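The same change as a script, so it can be applied consistently to every Exchange server and then verified. This is an added example and not part of the original post or of Microsoft's advisory: the registry path and the Enabled=0 DWORD are the ones from advisory 3009008; the DisabledByDefault value, the Client subkey (the client-side counterpart of the same procedure) and the probe function are additions, and the host name used in the usage line is a placeholder. It assumes Windows PowerShell 5.1 (on .NET Framework, whose SslStream can still be asked for SSL 3.0) run from an elevated prompt on the server.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original post. Disables SSL 3.0 (or any Schannel
# protocol) via the registry exactly as the advisory describes, then probes a
# server to confirm an SSL 3.0-only handshake is refused.

$SchannelProtocols = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

function Disable-SchannelProtocol {
    # Creates <Protocols>\<Protocol>\<Side> if missing and sets Enabled=0
    # (advisory value) plus DisabledByDefault=1 (companion Schannel value).
    param(
        [Parameter(Mandatory)][string]$Protocol,                 # e.g. 'SSL 3.0'
        [ValidateSet('Server', 'Client')][string[]]$Side = @('Server')
    )
    foreach ($s in $Side) {
        $key = Join-Path (Join-Path $SchannelProtocols $Protocol) $s
        if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
        New-ItemProperty -Path $key -Name 'Enabled' -PropertyType DWord -Value 0 -Force | Out-Null
        New-ItemProperty -Path $key -Name 'DisabledByDefault' -PropertyType DWord -Value 1 -Force | Out-Null
        Write-Host "$Protocol ($s): Enabled=0, DisabledByDefault=1 (reboot required)"
    }
}

function Get-SchannelProtocolState {
    # Reads the values back; absence of the key means the OS default applies.
    param([Parameter(Mandatory)][string]$Protocol, [string]$Side = 'Server')
    $key = Join-Path (Join-Path $SchannelProtocols $Protocol) $Side
    if (-not (Test-Path $key)) { return "$Protocol ($Side): not configured, OS default" }
    $p = Get-ItemProperty -Path $key
    return "$Protocol ($Side): Enabled=$($p.Enabled) DisabledByDefault=$($p.DisabledByDefault)"
}

function Test-Ssl3Accepted {
    # Returns $true if the server completes a handshake restricted to SSL 3.0.
    # Run this from a machine that still has client-side SSL 3.0 enabled,
    # otherwise the local Schannel refuses first and the result is a false negative.
    param([Parameter(Mandatory)][string]$ComputerName, [int]$Port = 443)
    $tcp = New-Object System.Net.Sockets.TcpClient
    try {
        $tcp.Connect($ComputerName, $Port)
        # Accept any certificate: only the protocol negotiation matters here.
        $trustAll = [System.Net.Security.RemoteCertificateValidationCallback] { $true }
        $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false, $trustAll)
        $ssl.AuthenticateAsClient($ComputerName, $null,
            [System.Security.Authentication.SslProtocols]::Ssl3, $false)
        return $true     # SSL 3.0 negotiated: server still vulnerable
    }
    catch { return $false }   # handshake refused (AuthenticationException/IOException)
    finally { $tcp.Dispose() }
}

# Usage (placeholder host name; reboot between Disable- and the final probe):
Disable-SchannelProtocol -Protocol 'SSL 3.0' -Side Server, Client
Get-SchannelProtocolState -Protocol 'SSL 3.0' -Side Server
Test-Ssl3Accepted -ComputerName 'mail.contoso.example'   # expected: False after reboot
```

Run the probe from a second machine (or from SSL Labs / openssl s_client -ssl3) after the reboot; a $false result before the reboot only shows that the change has not taken effect yet, not that the server is safe.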


More information:

Details about the POODLE attack on the SSL 3.0 vulnerability:

http://www.theregister.co.uk/2014/10/16/poodle_analysis/

One of the security researchers says as well:

“The conditions that are required for the attack to be applicable are hard to obtain. In particular, the attacker needs to become a man-in-the-middle between the attacked client and server, and to generate, block and modify client messages to the server and vice versa."

Testing whether your client is vulnerable to the POODLE attack:

https://www.poodletest.com/ 


Hope this helps you understand a bit better what's up with Exchange and this SSL 3.0 vulnerability,

Sam.


Comments (20)

  1. Sultan Rayes says:

    Nice article. Can you confirm that disabling SSL 3 may affect IE6 clients?

  2. Sammy says:

    Hi Sultan, that's correct, it may affect IE6 clients. This is because IE6 doesn't have TLS (1.0) enabled by default, so if you disable SSL 2.0/3.0 on the server side, IE6 will fail to connect to the Exchange OWA/ECP websites …

  3. Sammy says:

    … unless you explicitly enable TLS 1.0 in IE6. Anyway, note that IE6 support ended at the same time as Windows XP SP3 support, which was April 2014.

  4. menino says:

    Does this affect Mac clients?

  5. Doaa says:

    Are there any specific sites that will not open after disabling SSLv3?

  6. Sammy says:

    @menino: only if the Mac client application accessing OWA or ECP (or EWS) uses only SSL 3.0 and does not use TLS at all; you should check within your Mac browser (Safari or other) whether it has TLS enabled by default.
    @Doaa: in general, after disabling SSL 3.0 in your browser (and keeping TLS), only sites hosted on servers which support SSL 3.0 alone on the server side will not open. Windows servers hosting Exchange natively support TLS on the server side, so there are no issues for OWA/ECP/EWS if you disable SSL 3.0 in your TLS-enabled browser.

  7. Sultan Rayes says:

    Hello Sammy,

    I have another question. What about SSL 2.0? Isn't it unsafe too? Can I disable it on the server using the same procedure?

    Thanks

  8. Sammy says:

    Hi again Sultan, nope, SSL 2.0 does not have this particular "bug", but it has many other vulnerabilities:

    · SSL 2.0 has a weak MAC construction that uses the MD5 hash function with a secret prefix, making it vulnerable to length extension attacks.
    · SSL 2.0 does not have any protection for the handshake, meaning a man-in-the-middle downgrade attack can go undetected.
    · SSL 2.0 uses the TCP connection close to indicate the end of data. This means that truncation attacks are possible: the attacker simply forges a TCP FIN, leaving the recipient unaware of an illegitimate end of data message (SSL 3.0 fixes this problem by having an explicit closure alert).
    · SSL 2.0 assumes a single service and a fixed domain certificate, which clashes with the standard feature of virtual hosting in Web servers. This means that most websites are practically impaired from using SSL.

    http://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_2.0

    Sam.

  9. DH says:

    Mac Outlook 2011 doesn’t appear to support TLS; thanks MS!

  10. Rina says:

    I would like to disable SSL 3 on my Exchange 2013 OWA. Did anyone have any issues after disabling it from the registry, and are Outlook and Outlook Web working properly after that?

  11. Sammy says:

    @Rina: done for 2 customers of mine (15,000 and 22,000 mailboxes respectively), worked without any side effects or issues; Exchange 2013 uses TLS by default anyway for all HTTPS communication channels, whether for server-to-server communications (MTLS) or server-to-client connections, so disabling it will only impact SSL v3-only clients:
    http://technet.microsoft.com/en-us/library/bb430753(v=exchg.150).aspx

  12. Usman says:

    I am following the exact procedure to disable SSL v3 but it's not working. The server is Windows 2003 R2 SP2. I am testing this using openssl, foundeo.com and https://www.ssllabs.com/ssltest; they show that SSL v3 is enabled. SSL v2.0 is already disabled.

  13. Usman says:

    Any idea?

  14. Mick says:

    You need to disable SSL in the Java control panel.

  15. Minis says:

    How about Exchange Server 2007? Is it the same as Exchange Server 2010 and 2013?

  16. Jason says:

    I don't have an SSL3 key on my Exchange 2010 server?

  17. Pierre-Yves says:

    You need to create it as written in the above procedure:

    Note If the complete registry key path does not exist, you can create it by expanding the available keys and using the New -> Key option from the Edit menu.

  18. Bao Chau says:

    Hi everyone,

    My organization is running Exchange Server 2010 and 2013. Now I want to disable SSL 3.0 and SSL 2.0 on all Exchange Servers, but I don't know whether either of them will affect the email system.

    Regards,

    1. SammyKrosoft says:

      Hey Thang, it won't affect your server since it will use TLS then (TLS is just the next version of SSL). But if you have client browsers, for example, that only accept or understand SSL 3.0, they won't be able to establish the secure channel. On the other hand, if you have such clients, that exposes these clients to security risks…
