Hi Gavin,
A) The Checks
The How's My SSL check returns 5 good and 1 bad - Insecure Cipher Suites as below;
Bad Your client supports cipher suites that are known to be insecure:
•TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: This cipher suite uses 3DES which is vulnerable to the Sweet32 attack but was not configured as a fallback in the ciphersuite order.
•TLS_RSA_WITH_3DES_EDE_CBC_SHA: This cipher suite uses 3DES which is vulnerable to the Sweet32 attack but was not configured as a fallback in the ciphersuite order.
•TLS_RSA_WITH_RC4_128_MD5: This cipher suite uses RC4 which has insecure biases in its output.
•TLS_RSA_WITH_RC4_128_SHA: This cipher suite uses RC4 which has insecure biases in its output.
The SSL Labs check is attached as 2 PNG files.
B) In Summary
KB4019276 isn't installed/won't install.
1) System info shows Windows edition as Windows Vista Home Premium, Service Pack 2.
2) Programs & Features lists Microsoft.NET Framework 4.5.2 as installed (and also .NET Framework 3.5 SP1 and .NET Framework 1.1)
3) When I originally went through the Vistalover post (enabling-tls-1112-support-in-vistas-internet-explorer-9) security patch KB4019276 would not install - it opens up the standalone installer, searchs for updates then returns the message "the update does not apply to your system" I tried, in date order the different versions for Windows Server 2008, but each gave the same error.
Near the end of the post is a comment by erpdude8 "The KB4019276 update has been superseded/replaced by KB4056564..." and "... KB4019276 is no longer needed." I installed KB4056564 successfully.
4) Have edited Internet Options so that only TSL 1.2 is ticked.
C) Yes, still get the same error with minimal login.
Kind Regards,
David
You do not have the required permissions to view the files attached to this post.