Schannel Error, System Event Log 36887

For the last 2 weeks, all our Win 8 / 8.1 machines have been behaving erratically.

Below is the error message in the Event Log:

A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

and most of the applications don't work:

iTunes Error - 0x80090326
Evernote Error - Could Not connect to the server
Windows Update - 0x80072EFE

All errors point to the network, but the network is good and we ruled it out because of the following:

A packet capture revealed that there is an SSL3_ALERT_UNEXPECTED_MESSAGE / SEC_E_ILLEGAL_MESSAGE; due to this, the SSL handshake after the TCP connection becomes fatal.

Any help appreciated
SK
principiamanagement Asked:
paarun Commented:
This seems to be a known problem acknowledged by MS. Please check the article below.

http://www.zdnet.com/article/microsoft-warns-of-problems-with-schannel-security-update/

principiamanagement Author Commented:
Yes, correct, but it was updated by a newer version of the patch: https://support.microsoft.com/en-us/kb/2992611

But it's really weird that we started having this problem 2 weeks ago on all of our Win 8 machines.

Thanks
SK
paarun Commented:
Did you update the machines with security patches/hotfix in the past two weeks? MS would be releasing patches tomorrow, suggest you get a test machine and apply all patches to see if it sorts the issue based on which you can take a call for other workstations.
principiamanagement Author Commented:
We have a WSUS and did approve patches in the last 2 weeks. But thanks for the reminder on Patch Tuesday; it seems that's the best shot I have.
principiamanagement Author Commented:
Hi Paarun, we had two

    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,

configured on our GPO, which was causing this issue. Once we removed those, all communications were OK.
paarun Commented:
That's great. Good to hear you found the issue.
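
The check that resolved this thread, written out as an added example (not part of the original posts): it lists the cipher suite order pushed by Group Policy, marks the two DHE suites the author removed, and tallies Schannel 36887 events by day and alert code. Assumptions: the policy is stored in the `Functions` value under the registry key shown, which is where the "SSL Cipher Suite Order" setting is normally written, and `Get-PolicyCipherSuites` is a hypothetical helper name.

```powershell
# The two suites the thread's author found in the GPO and removed.
$suspect = @(
    'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384',
    'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256'
)

# Assumption: storage location of the "SSL Cipher Suite Order" policy setting.
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002'

function Get-PolicyCipherSuites {
    param([string]$Key = $policyKey)
    $prop = Get-ItemProperty -Path $Key -Name 'Functions' -ErrorAction SilentlyContinue
    if (-not $prop) { return @() }   # policy not configured; the OS default order applies
    # The value can be one comma-separated string or a multi-string; normalise both.
    @($prop.Functions) -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ }
}

$configured = @(Get-PolicyCipherSuites)
if ($configured.Count -eq 0) {
    Write-Output 'No cipher suite order is set by policy.'
} else {
    Write-Output "Policy lists $($configured.Count) cipher suites, in priority order:"
    for ($i = 0; $i -lt $configured.Count; $i++) {
        $flag = if ($suspect -contains $configured[$i]) { '  <-- named in this thread' } else { '' }
        Write-Output ('{0,3}. {1}{2}' -f ($i + 1), $configured[$i], $flag)
    }
}

# Tally Schannel event 36887 over the last 14 days, grouped by day and alert code.
$filter = @{ LogName = 'System'; Id = 36887; StartTime = (Get-Date).AddDays(-14) }
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    Where-Object { $_.ProviderName -like '*Schannel*' })

$events | ForEach-Object {
    # The alert code is read from the message text quoted in the question.
    $code = if ($_.Message -match 'fatal alert code is (\d+)') { $Matches[1] } else { 'unknown' }
    [pscustomobject]@{ Day = $_.TimeCreated.ToString('yyyy-MM-dd'); AlertCode = $code }
} | Group-Object Day, AlertCode | Sort-Object Name | Select-Object Name, Count
```

Running it before and after a GPO change (followed by `gpupdate /force` and a reboot) shows whether the flagged suites are gone and whether the daily 36887 count drops.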