Web Security SSL Vulnerability – POODLE
If your computer is still running Windows XP and you are still using Internet Explorer 6 (IE6) (and Mac Safari older than 10.8) please be advised that starting in November most all merchant account services (aka, paying online) will no longer be offering “SSL 3.0” which is a very old and now no longer secure web security protocol.
POODLE security concern was discovered by a team at Google in September of 2014 a serious vulnerability in SSL 3.0 that can be exploited to steal certain confidential information, like an attacker can gain access to items like passwords and other private information.
The reason for this is yet another “attack” called POODLE which is causing SSL 3.0 to be no longer secure. SSL 3 is an old version of the security system that underlies secure Web transactions and is known as “Secure Sockets Layer” (SSL) or “Transport Layer Security” (TLS). Don’t worry the only pop quiz at the end of this that you fully understand that you will no longer be able to use IE6 to make payments or navigate to any secure part of the KartHost web site after mid November 2014. This is also true for millions of other web sites across the internet.
So what should you do? Well if you are using Windows XP (which had an end of life in April 2014) we highly recommend you immediately get it updated to at least Windows 7. If you are unable to do so, I suggest you at least, a minimum change out your web browser to “Chrome” (Google says they will continue to support Windows XP with their Web Browser “Chrome” until April 2015). And Mozilla who makes Firefox, another web browser, has no announced plans to stop supporting its Firefox browser on Windows XP. However Firefox will be removing SSL 3.0 capability out of Firefox 34.0 at the end of November.
For your convenience here is the link to newer web browsers you can load to your computer:
Download Google Chrome Web browser
Another very good article you can check out as to more details regarding the POODLE issue and how it effects you can be found at this Symantec article.
There is a test site to test your web browser www.poodletest.com if you see a Poodle instead of the Springfield Terrier, your are vulnerable! How to fix your your web browsers, if you are vulnerable, go to this site http://superuser.com/questions/826729/disable-sslv3-in-major-browsers and scroll down past the servers to the web browsers and you will get step by step instructions so you will not fall pray to the dreaded POODLE!!!!!!
