Mozilla released Firefox v39.0 yesterday and it blocks connections to any web site which supports weak Diffie-Hellman keys.
"In order to prevent Logjam man-in-the-middle attacks, the lower length of the supported Ephemeral Diffie-Hellman (DHE) keys has been limited to 1023-bit. 512-bit export-grade cryptography is no longer available in the Mozilla products, and users may encounter the following error message on sites offering such a weak key:
SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)"
(Source: https://developer.mozilla.org/en-US/Firefox/Releas...)
When I connect to my SEPM web console using FF39 I get the above error message and therefore never get to the login page. Does anyone know if this is due to a problem with the Windows operating system or with SEP software? FWIW the SEPM server is patched with MS15-55 (KB3061518) which fixes the Logjam vulnerability. So it seems like a SEP software problem but I haven't seen anything from Symantec about this and can't find any KB articles.
I am running SEPM v12.1 RU5 (12.1.5337.5000)
Related forum discussion at https://www-secure.symantec.com/connect/forums/ssl...