CVE-2015-6112 Information

Description

SChannel in Microsoft Windows Vista SP2 Windows Server 2008 SP2 and R2 SP1 Windows 7 SP1 Windows 8 Windows 8.1 Windows Server 2012 Gold and R2 and Windows RT Gold and 8.1 lacks the required extended master-secret binding support to ensure that a server’s X.509 certificate is the same during renegotiation as it was before renegotiation which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a \triple handshake attack\ aka \Schannel TLS Triple Handshake Vulnerability.\

Reference

http://www.securitytracker.com/id/1034124 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-121