Microsoft released KB2992611, MS14-066, a critical patch to address remote code execution schannel vulnerabilities, during the November 11, 2014 patch Tuesday.  Admins scrambled to install this zero-day update as the community feared “drive-by” attacks and many security agencies rated it as one of the most critical updates released by Microsoft.  Unfortunately, the patch broke SSL/TLS handshakes for many users by improperly handling several commonly used cipher suites.  The community released a registry change fix as a workaround.  On 11/18, Microsoft released v2 of the patch.

As of 11/19/2014, 12:30pm CT, the most up-to-date fix is to install the new patches from Microsoft, including both kb2992611 and the new kb3011780.

Here is a full timeline:

11/11/2014 – Microsoft releases bulletins for patch Tuesday

11/11/2014 – community scrambles to expedite patch rollouts.  Articles and comments: Arstechnica, Threatpost

11/11 – 11/18/2014 – some end users experience errors in https handshakes, many  see err_connection_aborted in Chrome.  SQL server performance is affected.   see this good article from Darren Myher

11/11 – 11/18/2014 – Community and Microsoft recommend disabling cipher suites by implementing registry changes.  See the official Microsoft article which has been updated throughout the last 2 weeks, ServerFault, and InfoWorld posts.

11/18/2014 – Microsoft releases v2 of the patches, re-releasing kb2992611 and the new kb3011780.


Note, Qualys provides a great tool for checking cipher suites, protocol support, and handshake simulation:

Domain Name Transfers from Network Solutions®