• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 243
  • Last Modified:

How to resolve the ROBOT vulnerability on Server 2008 R2 ?

I have discovered by using vulnerability test software that 2 windows 2008 servers seemed to be vulnerable to ROBOT Attacks (Return of Bleinchenbacher's Oracle Threat),  I've been reading several articles with no answers.  Is there a Microsoft patch that fixes this (Windows update)  or is there a proper way to disable the RSA ciphers.   There seems to be a lot of info out there but nothing related to fixing the issues on a windows 2008 R2 server.

Can anyone point me int the right directions ?
Omar Urena
Omar Urena
  • 3
2 Solutions
Hello ThereSystem AdministratorCommented:
Only patches are here: https://robotattack.org/#patches
There is no MS patch for this obviously because the ROBOT targets to webservers.

But you can still do some steps to prevent this by disabling RSA encryption.

Pretty nice explanation is here: https://security.stackexchange.com/questions/177337/what-makes-servers-vulnerable-to-return-of-bleichenbachers-oracle-threat-robot

Mitigation steps:
Ideally, following both mitigation steps should be taken.
1. Update your server; patches are provided by most of the vendors. If you patch your server your immune to ROBOT vulnerability.
Note: If the patch is not available from your vendor, you can mitigate with 2nd step.
2. Disable RSA key exchange ciphers (Recommended): But if you want to keep support for RSA key exchange ciphers. Your server should at least support forward secrecy with modern browsers. (keep RSA ciphers last)
btanExec ConsultantCommented:
Microsoft is not affected in default configurations.

You can transition to encryption configurations that don’t use RSA for key exchange. There are multiple alternatives, one being Elliptic Curve Diffie-Hellman Ephemeral (ECDHE). Windows and browsers such as Chrome, Edge, and Safari already prioritize ECDHE so the risk of disruption is low. Also Forward secrecy as a better cipher mode than RSA encryption. That means that even if the key of a server gets stolen by an attacker this doesn’t allow the attacker to decrypt traffic from the past. The forward secrecy cipher modes use Diffie Hellman or Elliptic Curve Diffie Hellman.

If you want to be sure, you can look at this which has a PS to configure server to support TLS 1.1 and TLS 1.2 protocol with Forward secrecy only. Specifically for the key exchange, remove the "PKCS" to disable RSA encryption.
# Set KeyExchangeAlgorithms configuration.
New-Item 'HKLM:SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms' -Force | Out-Null
$secureKeyExchangeAlgorithms = @(

For the next version of TLS, 1.3, will not support RSA key exchange at all.
btanExec ConsultantCommented:
For author advice
btanExec ConsultantCommented:
No further inputs received.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now