AnsweredAssumed Answered

Microsoft Internet Explorer 9 on Vista will not use TLS

Question asked by jlehto on Oct 27, 2014
Latest reply on Oct 29, 2014 by jlehto

Hi,

 

Due to the SSLv3 Poodle vulnerability we have decided to redirect all clients accessing our customer site to an info-page that informs them that we no longer supports SSLv3 and that they should upgrader/change settings in their browser.

 

In the redirect rule we log the UserAgent-string to get some idea as of what users are affected and for some reason we have quite large amount of 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)', that according to www.whatismybrowser.com is Explorer 9 on Windows Vista, that negotiates the session via SSLv3. The large amount of users with the same UA uses TLS, but about 1-2 out of 10 goes with SSLv3.

 

I have not been able to access any of these clients or get any more information from them so the only thing I have to go with is the UA and I have not been able to find any good intel. on the Internet that could explain this issue... Does anyone have any good idea about what makes some MSIE 9 to use SSLv3 instead of TLS?

 

My webserver SSL-settings are:

!SSLv2:!MD5:!EXPORT:RSA+AES:RSA+3DES:RSA+RC4:ECDHE+AES:ECDHE+3DES:ECDHE+RC4:AES128-SHA:@STRENGTH

 

Br,

/J

Outcomes