Windows webDAV client does not support TLS 1.2

    Question

  • Tested on Windows 7 and Windows 8.1

    It ignores or doesn't use Windows SChannel settings.

    Windows 7 webDAV Client v6.1.7601.22913 / 2014-12 / KB3019215 SSL Client Hello:
    Secure Sockets Layer
        SSLv2 Record Layer: Client Hello
            [Version: SSL 2.0 (0x0002)]
            Length: 58
            Handshake Message Type: Client Hello (1)
            Version: TLS 1.0 (0x0301)
            Cipher Spec Length: 33
            Session ID Length: 0
            Challenge Length: 16
            Cipher Specs (11 specs)
                Cipher Spec: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0x00c014)
                Cipher Spec: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0x00c013)
                Cipher Spec: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0x00c00a)
                Cipher Spec: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0x00c009)
                Cipher Spec: TLS_RSA_WITH_AES_256_CBC_SHA (0x000035)
                Cipher Spec: TLS_RSA_WITH_AES_128_CBC_SHA (0x00002f)
                Cipher Spec: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x000038)
                Cipher Spec: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x000032)
                Cipher Spec: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x00000a)
                Cipher Spec: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x000013)
                Cipher Spec: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x0000ff)
            Challenge

    Compare to Windows 7 IE 11 Client Hello:
    Secure Sockets Layer
        TLSv1.2 Record Layer: Handshake Protocol: Client Hello
            Content Type: Handshake (22)
            Version: TLS 1.2 (0x0303)
            Length: 176
            Handshake Protocol: Client Hello
                Handshake Type: Client Hello (1)
                Length: 172
                Version: TLS 1.2 (0x0303)
                Random
                    GMT Unix Time: X
                    Random Bytes: X
                Session ID Length: 0
                Cipher Suites Length: 48
                Cipher Suites (24 suites)
                    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
                    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
                    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
                    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
                    Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009f)
                    Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
                    Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d)
                    Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
                    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)
                    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
                    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024)
                    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023)
                    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
                    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
                    Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
                    Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
                    Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
                    Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
                    Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 (0x006a)
                    Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x0040)
                    Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038)
                    Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032)
                    Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
                    Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
                Compression Methods Length: 1
                Compression Methods (1 method)
                    Compression Method: null (0)
                Extensions Length: X
                Extension: server_name
                    Type: server_name (0x0000)
                    Length: 23
                    Server Name Indication extension
                        Server Name list length: X
                        Server Name Type: host_name (0)
                        Server Name length: X
                        Server Name: fqdn
                Extension: status_request
                    Type: status_request (0x0005)
                    Length: 5
                    Certificate Status Type: OCSP (1)
                    Responder ID list Length: 0
                    Request Extensions Length: 0
                Extension: elliptic_curves
                    Type: elliptic_curves (0x000a)
                    Length: 8
                    Elliptic Curves Length: 6
                    Elliptic curves (3 curves)
                        Elliptic curve: secp256r1 (0x0017)
                        Elliptic curve: secp384r1 (0x0018)
                        Elliptic curve: secp521r1 (0x0019)
                Extension: ec_point_formats
                    Type: ec_point_formats (0x000b)
                    Length: 2
                    EC point formats Length: 1
                    Elliptic curves point formats (1)
                        EC point format: uncompressed (0)
                Extension: signature_algorithms
                    Type: signature_algorithms (0x000d)
                    Length: 20
                    Signature Hash Algorithms Length: 18
                    Signature Hash Algorithms (9 algorithms)
                        Signature Hash Algorithm: 0x0601
                            Signature Hash Algorithm Hash: SHA512 (6)
                            Signature Hash Algorithm Signature: RSA (1)
                        Signature Hash Algorithm: 0x0603
                            Signature Hash Algorithm Hash: SHA512 (6)
                            Signature Hash Algorithm Signature: ECDSA (3)
                        Signature Hash Algorithm: 0x0401
                            Signature Hash Algorithm Hash: SHA256 (4)
                            Signature Hash Algorithm Signature: RSA (1)
                        Signature Hash Algorithm: 0x0501
                            Signature Hash Algorithm Hash: SHA384 (5)
                            Signature Hash Algorithm Signature: RSA (1)
                        Signature Hash Algorithm: 0x0201
                            Signature Hash Algorithm Hash: SHA1 (2)
                            Signature Hash Algorithm Signature: RSA (1)
                        Signature Hash Algorithm: 0x0403
                            Signature Hash Algorithm Hash: SHA256 (4)
                            Signature Hash Algorithm Signature: ECDSA (3)
                        Signature Hash Algorithm: 0x0503
                            Signature Hash Algorithm Hash: SHA384 (5)
                            Signature Hash Algorithm Signature: ECDSA (3)
                        Signature Hash Algorithm: 0x0203
                            Signature Hash Algorithm Hash: SHA1 (2)
                            Signature Hash Algorithm Signature: ECDSA (3)
                        Signature Hash Algorithm: 0x0202
                            Signature Hash Algorithm Hash: SHA1 (2)
                            Signature Hash Algorithm Signature: DSA (2)
                Extension: renegotiation_info
                    Type: renegotiation_info (0xff01)
                    Length: 1
                    Renegotiation Info extension
                        Renegotiation info extension length: 0

    Also see:

    https://social.technet.microsoft.com/Forums/windows/en-US/1a3c29ab-d038-4132-af99-b85bce51b5c2/sslv2-being-used-with-webdav

    https://social.technet.microsoft.com/Forums/window-US/4c8cc733-2a54-400e-a53a-e3f22614de9f/unable-to-map-webdav-over-ssl#4c8cc733-2a54-400e-a53a-e3f22614de9f

    Furthermore no support for:

    - Server Name Indication
    (http://answers.microsoft.com/en-us/windows/forum/windows8_1-networking/windows-81-webdav-client-sni-support-broken/7c9b14dc-ad30-4746-b3ab-69e3cfedba3d)

    - HTTP compression
    (https://social.technet.microsoft.com/Forums/windows/en-US/f216fbc6-6aba-4119-acc5-27fcc18fed0a/any-chance-to-make-the-windows-7-microsoftwebdavminiredir-use-http-compression?forum=w7itpronetworking)

    Are you serious Microsoft?

    Wednesday, February 25, 2015 1:53 PM

All replies

  • Hi,

    We do need more time to make tests about this phenomenon, please be paint.


    Roger Lu
    TechNet Community Support

    Thursday, February 26, 2015 9:51 AM
    Moderator
  • Hello Roger,

    sure.

    FYI: It doesn't look better with the latest public Windows 10 build:

    Secure Sockets Layer
        SSLv2 Record Layer: Client Hello
            [Version: SSL 2.0 (0x0002)]
            Length: 70
            Handshake Message Type: Client Hello (1)
            Version: TLS 1.0 (0x0301)
            Cipher Spec Length: 45
            Session ID Length: 0
            Challenge Length: 16
            Cipher Specs (15 specs)
                Cipher Spec: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0x00c014)
                Cipher Spec: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0x00c013)
                Cipher Spec: TLS_RSA_WITH_AES_256_CBC_SHA (0x000035)
                Cipher Spec: TLS_RSA_WITH_AES_128_CBC_SHA (0x00002f)
                Cipher Spec: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0x00c00a)
                Cipher Spec: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0x00c009)
                Cipher Spec: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x000038)
                Cipher Spec: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x000032)
                Cipher Spec: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x00000a)
                Cipher Spec: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x000013)
                Cipher Spec: TLS_RSA_WITH_RC4_128_SHA (0x000005)
                Cipher Spec: TLS_RSA_WITH_RC4_128_MD5 (0x000004)
                Cipher Spec: SSL2_RC4_128_WITH_MD5 (0x010080)
                Cipher Spec: SSL2_DES_192_EDE3_CBC_WITH_MD5 (0x0700c0)
                Cipher Spec: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x0000ff)
            Challenge

    It even falls back to SSL3 and SSL2 if the server rejects connections:

    Secure Sockets Layer
        SSLv2 Record Layer: Client Hello
            [Version: SSL 2.0 (0x0002)]
            Length: 46
            Handshake Message Type: Client Hello (1)
            Version: SSL 3.0 (0x0300)
            Cipher Spec Length: 21
            Session ID Length: 0
            Challenge Length: 16
            Cipher Specs (7 specs)
                Cipher Spec: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x00000a)
                Cipher Spec: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x000013)
                Cipher Spec: TLS_RSA_WITH_RC4_128_SHA (0x000005)
                Cipher Spec: TLS_RSA_WITH_RC4_128_MD5 (0x000004)
                Cipher Spec: SSL2_RC4_128_WITH_MD5 (0x010080)
                Cipher Spec: SSL2_DES_192_EDE3_CBC_WITH_MD5 (0x0700c0)
                Cipher Spec: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x0000ff)
            Challenge


    Secure Sockets Layer
        SSLv2 Record Layer: Client Hello
            [Version: SSL 2.0 (0x0002)]
            Length: 34
            Handshake Message Type: Client Hello (1)
            Version: SSL 2.0 (0x0002)
            Cipher Spec Length: 9
            Session ID Length: 0
            Challenge Length: 16
            Cipher Specs (3 specs)
                Cipher Spec: SSL2_RC4_128_WITH_MD5 (0x010080)
                Cipher Spec: SSL2_DES_192_EDE3_CBC_WITH_MD5 (0x0700c0)
                Cipher Spec: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x0000ff)
            Challenge

    I also wonder why it keeps sending TLS_EMPTY_RENEGOTIATION_INFO_SCSV instead of TLS_FALLBACK_SCSV. Other TLS 1.0 clients also send a handshake indicator prior to the Client Hello:

    Secure Sockets Layer
        TLSv1 Record Layer: Handshake Protocol: Client Hello
            Content Type: Handshake (22)
            Version: TLS 1.0 (0x0301)
            Length: 157
            Handshake Protocol: Client Hello
                Handshake Type: Client Hello (1)
                Length: 153
                Version: TLS 1.0 (0x0301)
    ...


    • Edited by ManServ Friday, February 27, 2015 2:02 PM Additional protocol information
    Thursday, February 26, 2015 1:27 PM
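The two hello shapes quoted in the original post and in the reply above differ at the very first byte, which is what a server operator needs to tell legacy WebDAV clients apart from browsers in a capture. The following parser is an added example, not code from the thread or from Microsoft: it decodes both the SSLv2-compatible Client Hello (two-byte header with the high bit set, 3-byte cipher specs, no extensions) and the TLS-record Client Hello, and reports the points raised above (offered version, absence of SNI, and whether TLS_EMPTY_RENEGOTIATION_INFO_SCSV is sent without TLS_FALLBACK_SCSV). The cipher-suite lists follow the captures in the thread; the byte strings, the challenge/random filler and the hostname `webdav.example.com` are constructed here.

```python
# Added example (not from the thread): classify TLS Client Hello bytes from a capture.
import struct

SSLV2_FORMAT = "SSLv2-compatible"
TLS_RECORD_FORMAT = "TLS record"
EXT_SERVER_NAME = 0x0000
TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF
TLS_FALLBACK_SCSV = 0x5600
VERSION_NAMES = {0x0002: "SSL 2.0", 0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}

def parse_client_hello(data: bytes) -> dict:
    # High bit set in the first byte means an SSLv2-style two-byte record header.
    if data[0] & 0x80:
        return _parse_sslv2_hello(data)
    if data[0] == 22:  # TLS ContentType handshake
        return _parse_tls_record_hello(data)
    raise ValueError("not a Client Hello")

def _summarise(fmt, version, suites, sni):
    return {"format": fmt, "version": version,
            "version_name": VERSION_NAMES.get(version, hex(version)),
            "cipher_suites": suites, "sni": sni,
            "renegotiation_scsv": TLS_EMPTY_RENEGOTIATION_INFO_SCSV in suites,
            "fallback_scsv": TLS_FALLBACK_SCSV in suites}

def _parse_sslv2_hello(data):
    rec_len = struct.unpack(">H", data[:2])[0] & 0x7FFF  # low 15 bits = record length
    body = data[2:2 + rec_len]
    msg_type, version, cs_len, _sid_len, _ch_len = struct.unpack(">BHHHH", body[:9])
    if msg_type != 1:
        raise ValueError("SSLv2 record is not a Client Hello")
    specs = body[9:9 + cs_len]
    # 3 bytes per spec: TLS suites appear as 0x00XXXX, native SSL2 ciphers use all 3 bytes.
    suites = [int.from_bytes(specs[i:i + 3], "big") for i in range(0, cs_len, 3)]
    return _summarise(SSLV2_FORMAT, version, suites, None)  # no extensions in this format

def _parse_tls_record_hello(data):
    _ctype, _rec_version, rec_len = struct.unpack(">BHH", data[:5])
    body = data[5:5 + rec_len]
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]  # skip handshake type + 3-byte length
    version = struct.unpack(">H", hello[:2])[0]
    pos = 2 + 32                      # skip client_random
    pos += 1 + hello[pos]             # skip session id
    cs_len = struct.unpack(">H", hello[pos:pos + 2])[0]
    pos += 2
    suites = [struct.unpack(">H", hello[i:i + 2])[0] for i in range(pos, pos + cs_len, 2)]
    pos += cs_len
    pos += 1 + hello[pos]             # skip compression methods
    sni = None
    if pos < len(hello):              # the extensions block is optional
        end = pos + 2 + struct.unpack(">H", hello[pos:pos + 2])[0]
        pos += 2
        while pos < end:
            etype, elen = struct.unpack(">HH", hello[pos:pos + 4])
            edata = hello[pos + 4:pos + 4 + elen]
            pos += 4 + elen
            if etype == EXT_SERVER_NAME:  # list len(2) | NameType(1) | HostName len(2) | name
                name_len = struct.unpack(">H", edata[3:5])[0]
                sni = edata[5:5 + name_len].decode("ascii")
    return _summarise(TLS_RECORD_FORMAT, version, suites, sni)

def build_sslv2_hello(version, suites, challenge=b"\x11" * 16):
    # Constructs an SSLv2-compatible Client Hello, the shape quoted from the WebDAV client.
    specs = b"".join(s.to_bytes(3, "big") for s in suites)
    body = struct.pack(">BHHHH", 1, version, len(specs), 0, len(challenge)) + specs + challenge
    return struct.pack(">H", 0x8000 | len(body)) + body

def build_tls_hello(version, suites, sni=None, client_random=b"\x22" * 32):
    # Constructs a TLS-record Client Hello with optional SNI and an empty renegotiation_info.
    cs = b"".join(struct.pack(">H", s) for s in suites)
    exts = b""
    if sni is not None:
        host = sni.encode("ascii")
        name = struct.pack(">BH", 0, len(host)) + host
        name_list = struct.pack(">H", len(name)) + name
        exts += struct.pack(">HH", EXT_SERVER_NAME, len(name_list)) + name_list
    exts += struct.pack(">HH", 0xFF01, 1) + b"\x00"  # renegotiation_info, empty
    hello = (struct.pack(">H", version) + client_random + b"\x00"
             + struct.pack(">H", len(cs)) + cs + b"\x01\x00"
             + struct.pack(">H", len(exts)) + exts)
    handshake = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return struct.pack(">BHH", 22, 0x0301, len(handshake)) + handshake

def findings(info: dict) -> list:
    # What an operator who requires TLS 1.2 would flag about a hello.
    out = []
    if info["format"] == SSLV2_FORMAT:
        out.append("SSLv2-compatible hello format")
    if info["version"] < 0x0303:
        out.append("offers at most " + info["version_name"])
    if info["sni"] is None:
        out.append("no server_name extension")
    if info["renegotiation_scsv"] and not info["fallback_scsv"]:
        out.append("sends TLS_EMPTY_RENEGOTIATION_INFO_SCSV but not TLS_FALLBACK_SCSV")
    return out

# Suite lists follow the captures quoted in the thread; the bytes and hostname are constructed.
WIN7_WEBDAV_SUITES = [0xC014, 0xC013, 0xC00A, 0xC009, 0x0035, 0x002F,
                      0x0038, 0x0032, 0x000A, 0x0013, 0x00FF]
IE11_SUITES = [0xC028, 0xC027, 0xC014, 0xC013, 0x009F, 0x009E, 0x009D, 0x009C]
SAMPLE_WEBDAV_HELLO = build_sslv2_hello(0x0301, WIN7_WEBDAV_SUITES)
SAMPLE_IE11_HELLO = build_tls_hello(0x0303, IE11_SUITES, sni="webdav.example.com")
```

Running `findings(parse_client_hello(SAMPLE_WEBDAV_HELLO))` lists all four complaints from the thread for the WebDAV-style hello, while the IE11-style hello produces none. The version field inside an SSLv2-compatible hello is the highest version the client offers, so a server that has SSLv2-format hellos disabled rejects the connection before that field is ever evaluated.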
  • The client also doesn't support Unicode Supplementary characters and is vulnerable to Denial of Service attacks.

    Steps to reproduce:

    1.) Connect to a webDAV share with Windows explorer

    2.) Try to access a folder which contains filenames or directories with Unicode supplementary characters in their names. Other users can upload such files to prevent Windows webDAV clients from accessing it.

    3.) Instead of the folder contents an error message is displayed:

    According to http://www.microsoft.com/Language/en-US/Search.aspx the original message is:

    %2!ls! is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.\n\n%1!ls! Wrong Parameter.

    Auf %2!ls! kann nicht zugegriffen werden. Sie haben eventuell keine Berechtigung, diese Netzwerkressource zu verwenden. Wenden Sie sich an den Administrator des Servers, um herauszufinden, ob Sie über Berechtigungen verfügen.\n\n%1!ls! Falscher Parameter.

    Friday, February 27, 2015 10:30 AM
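Since the post above reports that a single name containing a supplementary character makes the whole folder unreadable for Windows WebDAV clients, a share operator can at least find such names before users hit the error. The audit below is an added example, not code from the thread: it flags names with code points above U+FFFF (the ones that need a UTF-16 surrogate pair) and walks a local share root. The sample names are constructed.

```python
# Added example (not from the thread): audit file names for Unicode supplementary characters.
import os

def supplementary_chars(name: str) -> list:
    # Code points above U+FFFF; each needs a UTF-16 surrogate pair on the Windows side.
    return [ch for ch in name if ord(ch) > 0xFFFF]

def find_supplementary_names(names) -> list:
    # (name, ["U+XXXXX", ...]) for every name that carries a supplementary character.
    hits = []
    for name in names:
        chars = supplementary_chars(name)
        if chars:
            hits.append((name, ["U+%05X" % ord(ch) for ch in chars]))
    return hits

def audit_share(root: str) -> list:
    # Walk a local share root and report offending paths (files and directories) sorted,
    # so they can be renamed before a Windows WebDAV client tries to list the folder.
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        for entry in dirnames + filenames:
            if supplementary_chars(entry):
                hits.append(os.path.join(dirpath, entry))
    return sorted(hits)

# Constructed sample names: a plain name, a BMP accented name, and two supplementary ones.
SAMPLE_NAMES = ["report.docx", "notes\u00e9.txt", "budget\U0001F4C8.xlsx", "\U0001D49C-draft.md"]
```

Accented Latin letters such as U+00E9 sit in the Basic Multilingual Plane and are not flagged; only characters from the supplementary planes (emoji, mathematical alphanumerics, many CJK extension ideographs) are reported, which matches the failure described above.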
  • Hi,

    Sorry for my dilatory reply. Based on my research, it seems like a known issue; I found a workaround method which is provided in the link below. Now the method should be able to resolve the TLS 1.2 compatibility problem with WebDAV; you can try its method for a test:

    https://social.technet.microsoft.com/Forums/windows/en-US/c66c3168-114d-4e03-afc2-27c466e41c99/does-windows-webdav-client-support-tls-connections?forum=w7itprogeneral


    Roger Lu
    TechNet Community Support

    Tuesday, March 3, 2015 6:47 AM
    Moderator
  • Hello Roger,

    The workaround you've mentioned is about deprecating SSL3. It doesn't show how to enable TLS 1.2 in the Microsoft Windows webDAV Client. The Microsoft Windows webDAV client ignores SChannel settings. This command on a classic shell SHOULD but does NOT result in a TLS 1.2 "Client Hello" of the Microsoft Windows webDAV Client:

    reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client" /v Enabled /d 0x1 /t reg_dword

    We don't have access to the many clients experiencing TLS connectivity problems due to the known issues you've mentioned. It is also a problem that changing such client settings requires administrative privileges.

    As you can see from the workaround you've mentioned, changing server settings sometimes causes other incompatibilities.

    Which of the mentioned issues is Microsoft aware of and which will be fixed when and in which Windows versions?

    1.) lack of TLS 1.2 support
    2.) lack of TLS Server Name Indication support
    3.) lack of HTTP compression support
    4.) nowadays also HTTP/2 support
    5.) lack of Unicode supplementary character support
    6.) Unicode supplementary character Denial of service vulnerability
    7.) Probably TLS Protocol downgrade attack vulnerability

    Tuesday, March 3, 2015 8:00 AM
  • Any new insight?

    It is still broken with the SChannel patch published yesterday: MS15-031 Vulnerability in Schannel Could Allow Security Feature Bypass (KB3046049)

    Because of the custom SSL handling the Microsoft WebDAV Client might be vulnerable to SSL weaknesses such as the recent FREAK.



    • Edited by ManServ Wednesday, March 11, 2015 1:36 PM Fix broken link
    Wednesday, March 11, 2015 7:35 AM
    Hi all. It would really be nice to know what MS's response to this is. All of our company WebDAV servers (which happen to be apache+debian) had been fine-tuned to support TLSv1.2 only, and now the accounting department has just lost all connectivity to their documents due to this issue. We are planning to implement linux clients for the accounting too; I hope there will be a development on this webdav client in the very near future.
    Wednesday, April 1, 2015 2:25 PM
  • This is no fools' day joke: The SSL Client Hello hasn't been changed in the most recent Windows 10 build:

    Still broken

    Wednesday, April 1, 2015 7:54 PM
    Any new updates on the WebDAV client not being able to support TLS 1.1 and 1.2?

    PCI compliance is now failing with TLS 1.0 enabled, yet MS has yet to have a fix for WebDAV to support these protocols.

    Really need a fix for this yesterday...

    Monday, May 11, 2015 6:46 PM
  • I don't have any news.

    The latest public Windows 10 build 10074 doesn't behave differently.

    Roger Lu of Microsoft's partner "Pactera" and, according to his profile, also "Microsoft Contingent Staff" hasn't replied for a long time now. I guess we shall continue to be paint.

    The mentioned Denial of Service vulnerability hasn't been fixed for nearly 5 years now. Given this deedlessness I don't expect a short term fix for any of the problems.

    I reported this via the "Windows Feedback" Program but it doesn't appear there. I posted it multiple times in different wording there. No success.

    Regarding that: Other recommendations are also ignored by Microsoft:

    https://tools.ietf.org/html/rfc7525

    https://www.bsi.bund.de/DE/Publikationen/TechnischeRichtlinien/tr02102/index_htm.html (BSI TR-02102-2 – Verwendung von Transport Layer Security)

    https://www.ssllabs.com/projects/best-practices/ (SSL/TLS Deployment Best Practices)

    By that Microsoft clearly puts customer information confidentiality at risk!

    Tuesday, May 12, 2015 7:39 AM
  • In Windows 10 Build 10166 Downloads larger than 50 MegaBytes still fail with "Error 0x800700DF: The file size exceeds the limit allowed and cannot be saved."

    According to KB900900: "This issue occurs because a security change that was introduced in Windows XP SP2 affects the Web Distributed Authoring and Versioning (WebDAV) redirector. This security change makes sure that an unauthorized server cannot force a client computer into a denial of service attack. If you try to download a file that is larger than 50000000 bytes, the client computer interprets this download as a denial of service attack. Therefore, the download process stops."

    How does this play together with still lacking HTTP compression support and Unicode supplementary character denial of service vulnerability!?

    However, the TLS Handshake looks much better now:

    Secure Sockets Layer
        TLSv1 Record Layer: Handshake Protocol: Client Hello
            Content Type: Handshake (22)
            Version: TLS 1.2 (0x0303)
            Length: 195
            Handshake Protocol: Client Hello
                Handshake Type: Client Hello (1)
                Length: 191
                Version: TLS 1.2 (0x0303)
                Random
                    GMT Unix Time: Jul 10, 2015 15:35:03.000000000 Mitteleuropäische Sommerzeit
                    Random Bytes: f835f963928839b8fdbe20caffcbb4fcd35066490162e715...
                Session ID Length: 0
                Cipher Suites Length: 52
                Cipher Suites (26 suites)
                    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
                    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
                    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
                    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
                    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
                    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
                    Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009f)
                    Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
                    Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d)
                    Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
                    Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
                    Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
                    Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
                    Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
                    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)
                    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
                    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024)
                    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023)
                    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
                    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
                    Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 (0x006a)
                    Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x0040)
                    Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038)
                    Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032)
                    Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
                    Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
                Compression Methods Length: 1
                Compression Methods (1 method)
                    Compression Method: null (0)
                Extensions Length: 98
                Extension: server_name
                    Type: server_name (0x0000)
                    Length: 32
                    Server Name Indication extension
                        Server Name list length: 30
                        Server Name Type: host_name (0)
                        Server Name length: 27
                        Server Name: webdav.rrzn.uni-hannover.de
                Extension: status_request
                    Type: status_request (0x0005)
                    Length: 5
                    Certificate Status Type: OCSP (1)
                    Responder ID list Length: 0
                    Request Extensions Length: 0
                Extension: elliptic_curves
                    Type: elliptic_curves (0x000a)
                    Length: 6
                    Elliptic Curves Length: 4
                    Elliptic curves (2 curves)
                        Elliptic curve: secp256r1 (0x0017)
                        Elliptic curve: secp384r1 (0x0018)
                Extension: ec_point_formats
                    Type: ec_point_formats (0x000b)
                    Length: 2
                    EC point formats Length: 1
                    Elliptic curves point formats (1)
                        EC point format: uncompressed (0)
                Extension: signature_algorithms
                    Type: signature_algorithms (0x000d)
                    Length: 20
                    Signature Hash Algorithms Length: 18
                    Signature Hash Algorithms (9 algorithms)
                        Signature Hash Algorithm: 0x0401
                            Signature Hash Algorithm Hash: SHA256 (4)
                            Signature Hash Algorithm Signature: RSA (1)
                        Signature Hash Algorithm: 0x0501
                            Signature Hash Algorithm Hash: SHA384 (5)
                            Signature Hash Algorithm Signature: RSA (1)
                        Signature Hash Algorithm: 0x0201
                            Signature Hash Algorithm Hash: SHA1 (2)
                            Signature Hash Algorithm Signature: RSA (1)
                        Signature Hash Algorithm: 0x0403
                            Signature Hash Algorithm Hash: SHA256 (4)
                            Signature Hash Algorithm Signature: ECDSA (3)
                        Signature Hash Algorithm: 0x0503
                            Signature Hash Algorithm Hash: SHA384 (5)
                            Signature Hash Algorithm Signature: ECDSA (3)
                        Signature Hash Algorithm: 0x0203
                            Signature Hash Algorithm Hash: SHA1 (2)
                            Signature Hash Algorithm Signature: ECDSA (3)
                        Signature Hash Algorithm: 0x0202
                            Signature Hash Algorithm Hash: SHA1 (2)
                            Signature Hash Algorithm Signature: DSA (2)
                        Signature Hash Algorithm: 0x0601
                            Signature Hash Algorithm Hash: SHA512 (6)
                            Signature Hash Algorithm Signature: RSA (1)
                        Signature Hash Algorithm: 0x0603
                            Signature Hash Algorithm Hash: SHA512 (6)
                            Signature Hash Algorithm Signature: ECDSA (3)
                Extension: SessionTicket TLS
                    Type: SessionTicket TLS (0x0023)
                    Length: 0
                    Data (0 bytes)
                Extension: Session Hash
                    Type: Session Hash (0x0017)
                    Length: 0
                    Data (0 bytes)
                Extension: renegotiation_info
                    Type: renegotiation_info (0xff01)
                    Length: 1
                    Renegotiation Info extension
                        Renegotiation info extension length: 0
    

    I hope this will be improved in the other supported Windows versions, too.

    Thanks

    Friday, July 10, 2015 2:20 PM
  • Hello Roger,

    you may check your certificate installations with:

    https://www.ssllabs.com/ssltest/index.html

    https://ssltools.websecurity.symantec.com/checker/views/certCheck.jsp

    https://www.wormly.com/test_ssl

    Tuesday, August 4, 2015 8:54 AM
  • https://technet.microsoft.com/library/security/MS15-089

    Told you so Microsoft.

    The Handshake has still not been improved with TLS 1.2 with KB3076949 against CVE-2015-2476 of MS15-089 for Windows 7. Another lost opportunity.

    Before, as in the original post:

    Secure Sockets Layer
        SSLv2 Record Layer: Client Hello
            [Version: SSL 2.0 (0x0002)]
            Length: 58
            Handshake Message Type: Client Hello (1)
            Version: TLS 1.0 (0x0301)
            Cipher Spec Length: 33
            Session ID Length: 0
            Challenge Length: 16
            Cipher Specs (11 specs)
                Cipher Spec: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0x00c014)
                Cipher Spec: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0x00c013)
                Cipher Spec: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0x00c00a)
                Cipher Spec: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0x00c009)
                Cipher Spec: TLS_RSA_WITH_AES_256_CBC_SHA (0x000035)
                Cipher Spec: TLS_RSA_WITH_AES_128_CBC_SHA (0x00002f)
                Cipher Spec: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x000038)
                Cipher Spec: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x000032)
                Cipher Spec: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x00000a)
                Cipher Spec: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x000013)
                Cipher Spec: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x0000ff)
            Challenge

    Windows 7 (6.1.7601.23115) with KB3076949 against CVE-2015-2476 of MS15-089

    Secure Sockets Layer
        TLSv1 Record Layer: Handshake Protocol: Client Hello
            Content Type: Handshake (22)
            Version: TLS 1.0 (0x0301)
            Length: 112
            Handshake Protocol: Client Hello
                Handshake Type: Client Hello (1)
                Length: 108
                Version: TLS 1.0 (0x0301)
                Random
                    GMT Unix Time: Aug 12, 2015 15:11:32.000000000 Mitteleuropäische Sommerzeit
                    Random Bytes: c3661ff2172cf8802b212a1b66666a833ea6daaa5738147a...
                Session ID Length: 0
                Cipher Suites Length: 20
                Cipher Suites (10 suites)
                    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
                    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
                    Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
                    Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
                    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
                    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
                    Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038)
                    Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032)
                    Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
                    Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
                Compression Methods Length: 1
                Compression Methods (1 method)
                    Compression Method: null (0)
                Extensions Length: 47
                Extension: server_name
                    Type: server_name (0x0000)
                    Length: 22
                    Server Name Indication extension
                        Server Name list length: 20
                        Server Name Type: host_name (0)
                        Server Name length: 17
                        Server Name: www.microsoft.com
                Extension: elliptic_curves
                    Type: elliptic_curves (0x000a)
                    Length: 6
                    Elliptic Curves Length: 4
                    Elliptic curves (2 curves)
                        Elliptic curve: secp256r1 (0x0017)
                        Elliptic curve: secp384r1 (0x0018)
                Extension: ec_point_formats
                    Type: ec_point_formats (0x000b)
                    Length: 2
                    EC point formats Length: 1
                    Elliptic curves point formats (1)
                        EC point format: uncompressed (0)
                Extension: renegotiation_info
                    Type: renegotiation_info (0xff01)
                    Length: 1
                    Renegotiation Info extension
                        Renegotiation info extension length: 0
    Wednesday, August 12, 2015 1:34 PM
  • The ability to control protocols used by WebDAV on Windows 7 was added March 2016 (just over a year after this post):

    https://support.microsoft.com/en-us/kb/3140245

    Example: Setting the "DefaultSecureProtocols" to 0xA80 will enable all TLS protocols. I tested this and Word was able to contact a previously unreachable SharePoint Library secured by TLS 1.2 using this setting.


    -James Baca

    • Proposed as answer by James Baca Wednesday, February 15, 2017 6:10 PM
    Thursday, August 25, 2016 8:59 PM
    I have tried this setting from https://support.microsoft.com/en-us/kb/3140245 and WebDAV on Windows 7 is still failing to use TLS1.2.

    It is trying SSL3.0 and TLS1.0 only, which I can see from wireshark trace:

    Win7-TLS-for-WebDAV

    Does anyone have a good Explorer-integrated WebDAV client for Windows that supports TLS1.2?

    Tuesday, February 14, 2017 5:30 PM
  • Leanid,

    Windows Explorer should be using the same setting. Quick sanity check: are you sure you have the update installed? Try running this from the cmd.exe prompt to verify:

    wmic qfe | find "KB3140245"

    More info on your patches:

    https://social.technet.microsoft.com/wiki/contents/articles/4197.how-to-list-all-of-the-windows-and-software-updates-applied-to-a-computer.aspx


    -James Baca

    Tuesday, February 14, 2017 7:25 PM
  • My fault. This fix requires reboot. I think it is not mentioned in the article.

    After reboot it's working fine.

    Wednesday, February 15, 2017 5:30 PM
  • I'm experiencing the same issue with the WebDAV client on Windows 7 (32bit) in that I can't get it to use TLS1.1/1.2.

    I've installed SP1 and KB3140245, updated the registry, and rebooted the machine. However, when I try to map WebDAV as a network drive, it is still failing. Network monitor reveals attempts to use SSL 3.0 and TLS 1.0, so it doesn't seem to be following the settings.

    I've verified that the KB is installed:
    C:\Windows\system32>wmic qfe | find "KB3140245"
    http://support.microsoft.com/?kbid=3140245  WIN7-PC  Update 
    KB3140245               <domain>\<user>     3/31/2017

    And I have the following registry key:
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp]
    "DefaultSecureProtocols"=dword:00000a00
    Any help would be appreciated.

    Friday, March 31, 2017 6:44 PM
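The two DefaultSecureProtocols values that appear in this thread (0xA80 in the post recommending KB3140245, 0x00000a00 in the registry export just above) are bitmasks of the per-protocol flags that KB3140245 documents: 0x08 SSL 2.0, 0x20 SSL 3.0, 0x80 TLS 1.0, 0x200 TLS 1.1, 0x800 TLS 1.2. The helper below is an added example, not code from the thread or from Microsoft: it decodes a value into protocol names, composes one from a wanted set, reads the dword out of a `.reg` export line, and flags anything a TLS-1.2-only deployment would not want. The sample export line is constructed after the one posted above.

```python
# Added example (not from the thread): decode, compose and review the WinHTTP
# DefaultSecureProtocols bitmask described in KB3140245.
import re

# Flag values as documented in KB3140245, oldest protocol first.
PROTOCOL_BITS = {"SSL 2.0": 0x008, "SSL 3.0": 0x020, "TLS 1.0": 0x080,
                 "TLS 1.1": 0x200, "TLS 1.2": 0x800}
KNOWN_MASK = sum(PROTOCOL_BITS.values())
LEGACY = ("SSL 2.0", "SSL 3.0", "TLS 1.0")

def decode_default_secure_protocols(value: int) -> list:
    # Protocol names enabled by a DefaultSecureProtocols value, oldest first.
    return [name for name, bit in PROTOCOL_BITS.items() if value & bit]

def encode_default_secure_protocols(names) -> int:
    # Bitmask for a set of protocol names; an unknown name raises KeyError.
    value = 0
    for name in names:
        value |= PROTOCOL_BITS[name]
    return value

def parse_reg_dword(line: str) -> int:
    # Extract the dword from a .reg export line such as '"DefaultSecureProtocols"=dword:00000a00'.
    match = re.search(r'"DefaultSecureProtocols"=dword:([0-9a-fA-F]{8})', line)
    if match is None:
        raise ValueError("no DefaultSecureProtocols dword in line")
    return int(match.group(1), 16)

def review_value(value: int) -> list:
    # Problems a TLS-1.2-only deployment would want to know about, in a fixed order.
    issues = []
    if value & ~KNOWN_MASK:
        issues.append("unknown bits set: 0x%x" % (value & ~KNOWN_MASK))
    enabled = decode_default_secure_protocols(value)
    for name in LEGACY:
        if name in enabled:
            issues.append(name + " still enabled")
    if "TLS 1.2" not in enabled:
        issues.append("TLS 1.2 not enabled")
    return issues

# Constructed after the export posted above: only TLS 1.1 and TLS 1.2 enabled.
SAMPLE_REG_LINE = '"DefaultSecureProtocols"=dword:00000a00'
```

`review_value(parse_reg_dword(SAMPLE_REG_LINE))` comes back empty, so the exported value itself is not the problem in the post above; 0xA80 from the earlier recommendation is reported as leaving TLS 1.0 enabled. The value governs what WinHTTP offers once the update is active; as the thread goes on to note, the update must be installed and the machine rebooted before the setting has any effect.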
  • Skrzyp, what does your client hello look like? It seems you have done everything required for it to advertise version TLS 1.2 during the handshake, so I would like to double check it is a client issue and not something else.

    -James Baca

    Friday, March 31, 2017 9:06 PM
  • Here it is:

    Client SSL Hello

    Friday, March 31, 2017 9:19 PM
  • Hi, actually you need two updates to make it work:

    KB3140245 (the one you have): "This update provides support for Transport Layer Security (TLS) 1.1 and TLS 1.2 in Windows Server 2012, Windows 7 Service Pack 1 (SP1), and Windows Server 2008 R2 SP1."

    https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-a-default-secure-protocols-in


    KB3076949 (the one you are missing): "The security update addresses the vulnerability by ensuring that the Microsoft Web Distributed Authoring and Versioning (WebDAV) client defaults to more secure protocols than SSL 2.0."

    https://technet.microsoft.com/library/security/MS15-089


    Tuesday, September 12, 2017 7:22 PM