Kill The POODLE – SSL v3 Has Got To Go ASAP!
No no no, we’re not advocating animal cruelty, but this is definitely an urgent read!
It has been quite the year for major vulnerabilities, and researchers at Google have posted details of yet another! A nasty little bug they’ve named POODLE, with a potentially devastating bite. It is vulnerability in SSL 3.0, which allows malicious attackers to extract secret information from the encrypted transactions. Effectively, Poodle can help sniff out your personal information that is sent over this protocol.
All websites and services that utilize SSLv3 are potentially vulnerable to POODLE. Now luckily, most modern web browsers already resolved this matter and/or are quickly working on resolutions to discontinue support of SSL 3.0. Most of them already utilize more secure protocols, but it is still imperative that POODLE (SSL v3) is killed on your server!
You may read up more on this here at Google’s Security Blog.
We will be touching base with all our proactively managed clients (Full & Critical Admin) to see if your servers are vulnerable and if so work out a plan to get you secured. We strongly advise our on-demand support (Base Admin) clients create support tickets ASAP to get their servers checked out.
And lastly, but of course not least – to all previous but inactive SeeksAdmin clients, we’re offering to investigate if you’re vulnerable and if so get this sorted for you – free of charge on any server we previously managed for you. Contact us today for more info!
This is not the only vulnerability out there in the wild being exploited – there are plenty. We are here working hard every day to keep our Proactive clients regularly secured & updated.