We use cookies to give you the best online experience. By using our website you agree to our use of cookies in accordance with our cookie policy.

croom new

Preferred Blog

Preferred has been serving the Tinley Park area since 1991, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Microsoft Bites Back with Fix to POODLE SSL Vulnerability

A few weeks ago, a new vulnerability was discovered in the Internet Explorer functionality of SSL 3.0. Due to the encompassing nature of the vulnerability, all operating systems are affected. This makes it a big problem that must be resolved. Thankfully, Microsoft has released a fix to the vulnerability, called Fix It, making it far easier to prevent the vulnerability from becoming an issue.

POODLE itself is generally exploited to obtain information encrypted with SSL technology through Internet traffic, such as credit card numbers or other sensitive information. In simple terms, SSL (Secure Socket Layers) is an encryption protocol used with security certifications. It has largely been replaced by the more-secure TLS (Transport Layer Security) protocol, but many systems will fall back to their SSL certification if TLS were to fail somehow. TLS isn’t affected by this issue. So, in other words, the hacker must be able to force the targeted system to fall back on their SSL certification in order to exploit this vulnerability.

The way that this vulnerability is taken advantage of is through a man-in-the-middle attack. According to the official Microsoft security advisory:

In a man-in-the-middle (MiTM) attack, an attacker could downgrade an encrypted TLS session forcing clients to use SSL 3.0 and then force the browser to execute malicious code. This code sends several requests to a target HTTPS website, where cookies are sent automatically if a previous authenticated session exists. This is a required condition in order to exploit this vulnerability. The attacker could then intercept this HTTPS traffic, and by exploiting a weakness in the CBC block cipher in SSL 3.0, could decrypt portions of the encrypted traffic (e.g. authentication cookies).

Since POODLE is a design flaw in SSL, there isn’t a way to patch the bug; therefore, vendors are forced to get crafty with their responses. They were previously suggesting that disabling the old and decrepit SSL 3.0 protocol on their sites was the best solution, as most servers these days don’t rely on this old protocol anyway. In response to this issue, Google is working to disable SSL 3.0 in all of its products over the next few months, while Mozilla’s Firefox will resolve the issue with the next upgrade in November. This will eventually make the vulnerability obsolete. However, users of Internet Explorer should take a more immediate approach to this danger.

To be fair, Microsoft’s Fix It solution is an effective way of disabling SSL 3.0 in Internet Explorer if you don’t know how to navigate your Control Panel. It’s as easy as clicking a button on their official website. Otherwise, you must disable SSL 3.0 and enable TLS 1.0, TLS 1.1, and TLS 1.2 in Internet Explorer. You can do so by following these steps:

poodle in blog 1In the Internet Explorer Tools menu (or your PC’s Control Panel), click Internet Options.

poodle in blog 2In the Internet Options window, click the Advanced tab.

poodle in blog 3Scroll down to the Security section. Notice there are checkboxes next to the available SSL and TLS options. Uncheck Use SSL 3.0, and check the following: TLS 1.0, TLS 1.1, and TLS 1.2. Be sure to check all of the TLS versions. Failing to do so could result in connection errors.

Once you’ve finished, click OK, exit and restart Internet Explorer, and you’re all set. Following this process will cause Internet Explorer to not connect to servers which only support SSL, protecting your systems from connecting to insecure servers and risking exploitation of POODLE.

At Preferred, we value the security that we provide to our clients. Keep in mind that this fix isn’t a viable replacement for the latest security updates and patches issued every month. You want to be using the latest versions of applications, software, and especially your operating system, to minimize the risks of a security breach.

Preferred can apply all of these changes for you remotely, lifting the responsibility from your shoulders so you can concentrate on other aspects of your business. Call 708-781-7110 today to see what we can do to safeguard business.

Tip of the Week: How to Use Your Smartphone to Act...
Ghost Servers - Who Ya Gonna Call?
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Saturday, November 23 2024

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      Qr Code

      Blog Archive

      Latest Blog Entry

      Businesses of every size need to prioritize their security. This fact has not changed and will not change anytime soon. What has changed, however, are the recommended ways to approach this security. Today, we wanted to review the history of today’s predominant cybersecurity ...

      Latest News

      Best Places to Work - 5 YEARS STRONG!!

      Preferred is once again, honored for being a Best Place to Work for the fifth straight year!  Our team is what makes Preferred a Best Place to Work.  

      Daily Herald Suburban Business 2024 Best Places to Work Honorees The Daily Herald Suburban Business has announced the names of 51 companies, in 5 categories of competition, that are honored as the 2024 Best Places to Work in Illinois. This statewide survey and awards program was designed to identify, recognize and honor the best places of employment in Illinois, benefiting the state's economy, its workforce and businesses.