2 min read

Poodle SSL 3 Attack | Continued Use of SSLv3 is Dangerous

October 19, 2014

As many of you may be aware it has been confirmed that version 3 of Secure Sockets Layer (SSLv3) is vulnerable at the protocol level. As a result of this new security attack (dubbed the POODLE attack) continued use of SSLv3 is dangerous.

While this attack is harder to co-ordinate than Heartbleed, many companies including Twitter have now disabled SSL v3. You can easily check if HTTPS sites you use are vulnerable here.

At DeskDirector the security of your data and your client's data is very important to us. As a result we have spent the last few days ensuring all of our systems will work were we to disable SSLv3. We can confirm the only issues will occur for the following situations;

  • If your clients are running Windows XP and using Internet Exporer 7 or earlier the viewing of invoice PDFs and viewing of Quosal/QuoteWerks quotes in the Recommendations section will not work. They will need to upgrade to Internet Explorer 8 or higher to have this work again. All other functions will perform fine as long as you are using DeskDirector 14.2 or higher.
  • If your clients are using DeskDirector 14.1 or earlier and have Internet Explorer 7 or earlier then HTTPS sites in the Learning Center will not work. Simply upgrade them to DeskDirector 14.2 to solve this problem.

In order for you to make sure you have mitigated the situations above, we will be disabling SSL v3 on all our servers this Sunday 26th October at 8pm EST. We are expecting this will cause an outage of approxiamatly 30 minutes.

Thank you for your understanding around any potential inconvenience this will cause. Again the security of your data and your clients data is very important to us.

To read more about the SSL v3 "POODLE" attack here are a handful of links;
https://www.us-cert.gov/ncas/alerts/TA14-290A
https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack
http://googleonlinesecurity.blogspot.co.nz/2014/10/this-poodle-bites-exploiting-ssl-30.html
http://www.wired.com/2014/10/poodle-explained/

Topics: Technical
Administrator

Written by Administrator

Everything You Need to Find IT Help Desk Inefficiencies – DeskDirector
48% of IT leaders believe their ticketing system needs to be improved. But most struggle to locate ...
help-desk-efficiencies
Read More
5 Reasons to Use Tasks lists on Every IT Ticket – DeskDirector
IT tickets are like target destinations – but how do you actually reach the location?
task-lists
Read More
Help Desk Automation Strategies to Save Agents Time - DeskDirector
Imagine a bustling airport during peak travel season, where planes are landing and taking off at a ...
help-desk-automations-for-time-management
Read More