Skip to Content
 
Call Toll-Free 877-426-8849
 

Poodlebleed SSL Vulnerability Announcement

Security Alert

Many website owners and technology enthusiasts already know about the recent Heartbleed vulnerability with the security of a website, also known as SSL. This vulnerability has since been corrected but now we are facing a new emerging threat called Poodlebleed. Poodle stands for Padding Oracle On Downgraded Legacy Encryption but what it basically means is the secure data passed between a secure server and a web browser can be compromised and changed into plain text. That means passwords, credit card numbers, and other sensitive data can be read and taken while in transit. This is very serious and should be addressed immediately by your hosting provider.

If you are an Anttix client you should not worry. We have already taken the necessary steps to correct it. The issue lies with version 3 of cryptographic protocol known as SSL (Secure Socket Layers). The vulnerability only occurs when the end-user is browsing a secure page through an out-dated browser. So in order to be vulnerable to Poodlebleed not only must the server contain SSL version 3, but the user must be using an out-dated browser. By removing SSL version 3 users with out-dated browsers will no longer be able to use the encrypted portions of your site. This, however, is not a bad thing. It is better to have a secure site with no vulnerability than a site that services old browsers, while leaving your users vulnerable to identity theft. Encourage your users to update their browsers, especially for their own sakes. Outdated browsers can have a multitude of other vulnerability issues, leaving the user subject to multiple forms of attacks.

As a security reminder we encourage all of our readers to update your important passwords on a regular basis, and keep all of your internet and virus protection software up to date. Security is very important to us and we will do everything we can to stay secure on our end. We hope none of you are affected by Poodlebleed, and if you an Anttix hosting client rest assured that you are protected. If your website is not hosted with Anttix, please contact your provider right away and make sure the proper steps have been taken to secure your site.

If you would like information on how Anttix can make your website more secure, contact an Anttix representative today at (877) 426-8849 or click here to email us.

Category: