POODLE Threat Stopped in its Tracks
October 21st, 2014 by BrightCloudBrightCloud has responded typically fast to the threat of the POODLE vulnerability.
Our hosting services team is disabling SSL v3 on any servers we support, alongside any published desktops, IE and Firefox services. They are also on standby, ready to provide existing customers with answers to your POODLE concerns including:
- How to disable SSL v3 in client browsers
- How to update browsers to a version that doesn’t use SSL v3
If you are a BrightCloud customer and have concerns, or if you are using IE6, please contact our expert team at SPOC@Bright-Cloud.net or call us on 03707 704 548.
What is the POODLE threat?
POODLE exploits a design flaw in the old SSL v3 protocol which affects some old systems, such as Windows XP and Internet Explorer 6. Modern systems use an alternative (TLS) and are not affected. However older systems won’t work by default with TLS and as a result fail to connect via these protocols to websites where SSL v3 has been disabled.
The risk is greatest when using public Wi-Fi because the most likely way an attacker will exploit this vulnerability is via a Wi-Fi connection.