Google security researchers have discovered the POODLEbleed, a weakness in a method for securing Internet communication. This email is to inform you about how it may affect you, as a user of our SSL certificates.
 
The CVE 2014-3566 SSL v3.0 POODLE vulnerability affects servers running SSL 3.0. It centers on cipher block chaining (CBC) encryption implementations that can allow attackers with a Man-in-the-Middle (MITM) position to view the content of an encrypted transmission.
 
This is a vulnerability with the SSL protocol; existing SSL certificates are not affected and do not need to be replaced.


As a result we are disabling SSL v3 on all servers at the current time. This should have no impact on any of your services.


Monday, October 20, 2014

« Назад