Link to home
Start Free TrialLog in
Avatar of principiamanagement
principiamanagementFlag for Indonesia

asked on

Schannel Error, System Event Log 36887

from last 2 weeks all our Win 8 / 8.1 machines started to behave erratically

Below is error message in the EventLog

A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

and most of the applications dont work

iTunes Error - 0x80090326
Evernote Error - Could Not connect to the server
Windows Update - 0x80072EFE

All error point to network, but the network is good and we ruled it out becuase of the following

a packet capture revealed that there is a SSL3_ALERT_UNEXPECTED_MESSAGE / SEC_E_ILLEGAL_MESSAGE due to this the SSL handshake after the TCP Connection becomes fatal

Any help appreciated
SK
ASKER CERTIFIED SOLUTION
Avatar of paarun
paarun

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of principiamanagement

ASKER

yes correct but it was updated by a newer version of the patch https://support.microsoft.com/en-us/kb/2992611

but it really wired that we started having this problem 2 weeks ago on all of our win 8 machine


THanks
SK
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
we have a WSUS and did approved patches in the last 2 week. But thanks for the reminder on Patch Tuesday and seems thats the best shot I have
Hi Paarun, we had two

    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,

configured on our GPO which was causing this issue. Once we remove those all communications were ok.
Avatar of paarun
paarun

That's great. Good to hear you found the issue.