POODLE SSL v3 Advisory
Thursday, October 16, 2014
A number of news sources, corporations, and the OpenSSL team reported on October 14th 2014 that version 3 of SSL is vulnerable at the protocol level.
SSL plays a key role in securing your data transmission from your computer to our servers. We are advising our customers to upgrade to TLS to mitigate the situation.
This vulnerability is an industry-wide issue, and not limited to NEDOCS. We support the TLS protocol, and clients can immediately begin migrating to secure infrastructure. Since most of our clients still use Windows XP, and Internet Explorer - we will still continue to support SSL.
Even though this is an industry-wide vulnerability, it is not considered a high risk. An attacker must be on your local network, and make a large amount of calls for a successful attack.
We've found the following resources to be of high interest to our customers.
Microsoft Security Advisory 3009008
Apple Discussion Board
Google Security Blog
SSL plays a key role in securing your data transmission from your computer to our servers. We are advising our customers to upgrade to TLS to mitigate the situation.
This vulnerability is an industry-wide issue, and not limited to NEDOCS. We support the TLS protocol, and clients can immediately begin migrating to secure infrastructure. Since most of our clients still use Windows XP, and Internet Explorer - we will still continue to support SSL.
Even though this is an industry-wide vulnerability, it is not considered a high risk. An attacker must be on your local network, and make a large amount of calls for a successful attack.
We've found the following resources to be of high interest to our customers.
Microsoft Security Advisory 3009008
Apple Discussion Board
Google Security Blog