Poodle Attack–What it is, and how to prevent it in your browsers.

By on November 1, 2014 8:44:29 AM from JoeUser Forums JoeUser Forums

DrJBHL

Join Date 04/2002
+2257

 

OK…this is a bit technical, so brace yourselves. Anyway, recently, a SSL 3.0 vulnerability was discovered. This vulnerability allows the injection of malicious code into your computer and web hosting servers and allow remote code execution. So what’s SSL? It means Secure Sockets Layer (and there are 3). It has been superceded by TLS (Transport Layer Security).

The Poodle (Padding Oracle On Downgraded Legacy Encryption) attack allows a web criminal to intercept data that is being sent over the SSL3 connection. Not only can he or she intercept the data, the web criminal can inject their own data into the connection, making the website believe that it came from the browser. Likewise, it makes the browser believe that the malicious data comes from the web server.

You can test your browser vulnerability at the following site https://www.poodletest.com/

There’s a good guide here to how to fix various browsers: http://www.tomsguide.com/us/poodle-fix-how-to,news-19775.html

MS has released a Fixit tool for those who use IE:

Download links:

So…if you haven’t already done so, time to act!

Sources:

http://news.thewindowsclub.com/fix-it-disable-ssl-3-0-vulnerability-ie-69815/

http://www.thewindowsclub.com/ssl-3-0-secure-browser-poodle-vulnerability-attack

http://www.tomsguide.com/us/poodle-fix-how-to,news-19775.html

Locked Post 17 Replies
Search this post
Subscription Options


Reason for Karma (Optional)
Successfully updated karma reason!
November 1, 2014 8:50:08 AM from Elemental Forums Elemental Forums

Thanks for the heads up!

Reason for Karma (Optional)
Successfully updated karma reason!
November 1, 2014 9:07:59 AM from WinCustomize Forums WinCustomize Forums

Great Info Thx Doc...

Reason for Karma (Optional)
Successfully updated karma reason!
November 1, 2014 12:14:07 PM from Sins of a Solar Empire Forums Sins of a Solar Empire Forums

Got it fixed.

Reason for Karma (Optional)
Successfully updated karma reason!
Sign Up or Login and this ad disappears!
There are many great features available to you once you register. Sign Up for a free account and browse the forums without ads.
November 1, 2014 1:41:52 PM from WinCustomize Forums WinCustomize Forums

Thanks for the tip, as always.  For what it's worth my Whitehat Aviator running at stock settings passed fine.  I like the way he did the test, the guy has a sense of humor. 

Reason for Karma (Optional)
Successfully updated karma reason!
November 1, 2014 2:39:18 PM from WinCustomize Forums WinCustomize Forums

Thanks for the warning, Doc. I almost stepped in some. All kidding aside, my preferred browser failed as did FF Portable. Chrome portable passed. On my 7 rig, that is as far as I care to go. IE11 with Chrome Portable for a fallback browser.

From these results, I can gather several conclusions.

1: Malware creators love IE, it's the default browser of millions of Windows users. (who know damn little about what's inside that box, tablet, phone, etc.)

2:FartFox is still the failing, memory leaking piece of crap that it was/is, I avoid it like it was ebola.  

3:Scare tactics do drive public opinion. The flock is easily herded

3:The devs at Google either really know their shit or are behind half of this crap. It's a tossup there.

4: I have spent more time responding to your post than most people will. You scared most of them away with that getting technical warning.

5: Lather rinse repeat.

 

Reason for Karma (Optional)
Successfully updated karma reason!
November 1, 2014 3:42:48 PM from WinCustomize Forums WinCustomize Forums

and screw that pooch, I'm a cat person.

 he's just a dog, and he's French

 

 

Reason for Karma (Optional)
Successfully updated karma reason!
November 1, 2014 3:43:45 PM from WinCustomize Forums WinCustomize Forums

 Not that I hold anything against the French

andiaintgonnauncheckadoggonething

 

 

Reason for Karma (Optional)
Successfully updated karma reason!
November 1, 2014 3:51:17 PM from WinCustomize Forums WinCustomize Forums

Okay, helping hand needed here.  I use IE and I show as vulernable.  I ran the MS fix it link to disable, do I also run the other link they show to restore or will that just make me vulernable again?

Reason for Karma (Optional)
Successfully updated karma reason!
November 2, 2014 3:26:08 AM from Elemental Forums Elemental Forums

you might want to "restore" when ms comes up with a patch... not sure if win update undo hotfixes before they patch in fixes or not... sometimes hotfixes messes up later winupdates (i think)

 

but who remembers to unfix stuff, ever?

Reason for Karma (Optional)
Successfully updated karma reason!
November 2, 2014 4:26:29 AM from WinCustomize Forums WinCustomize Forums

@ Philly: Just run 51024 which will be the fix for IE. Don't run 51025 which will reverse 51024 and make you vulnerable. The patch, when and if it comes will take care of that for you, because no one ever remembers to 'unfix'.

@ Wiz: After you test and do the fix, clear the browser cache and retest. Or, retest here: https://www.ssllabs.com/ssltest/viewMyClient.html

WC'ers don't scare that easily. 

 


Reason for Karma (Optional)
Successfully updated karma reason!
November 2, 2014 8:23:57 AM from Elemental Forums Elemental Forums

We could protect ourselves from poodle attacks merely by having pics of cute cats on our desktop?  

Reason for Karma (Optional)
Successfully updated karma reason!
November 2, 2014 1:40:23 PM from Elemental Forums Elemental Forums

@dr  - not convinced that the patching always undo hotfixes 1st... my previous win7 installation (bit corrupted by dying hdd...) had problems with some patches... one of which was caused by a hotfix.. and eventually went through after i tracked it down and undo the hotfix... though this one should be fairly harmless.. just basically the same as unticking the ssl 3 box in ie options, isn't it?

(that said.. ie options is used by plenty of stuff - eg.. steam, chrome..... still.. harmless.. the fix, not the bug )

Reason for Karma (Optional)
Successfully updated karma reason!
November 2, 2014 2:41:38 PM from WinCustomize Forums WinCustomize Forums

I don't see why it wouldn't depending on the patch, of course.

Generally, if you're concerned about the question you can get a good deal of info from the technet blog regarding the contents of each patch tuesday or other patches issued off that schedule.

You can do that at this url: https://technet.microsoft.com/security/bulletin or in the blog: http://blogs.technet.com/b/msrc/

You can get advanced notification (if you wish) at this MS site: http://technet.microsoft.com/en-us/security/dd252948.aspx

It informs you of the date of the next release (11/11/2014 for this month) and you can check there (a few days before) if a patch is coming to deal with the issue. If there is, then you can (usually a day or later) undo the fix before dl'ng and installing the patch...

 

Reason for Karma (Optional)
Successfully updated karma reason!
November 2, 2014 7:21:53 PM from JoeUser Forums JoeUser Forums

For some reason, the fix for Chrome worked fine on 2 of my Win7 rigs but failed to work on the third.  Even after clearing the cache multiple times and rebooting, still shows as vulnerable.  Odd.

Reason for Karma (Optional)
Successfully updated karma reason!
November 4, 2014 8:24:03 AM from WinCustomize Forums WinCustomize Forums

You're sure you typed it in correctly? Maybe opening properties as Admin?

Reason for Karma (Optional)
Successfully updated karma reason!
November 4, 2014 11:27:13 AM from JoeUser Forums JoeUser Forums

Double-checked the spelling & tried copy/paste - no love.  Am Admin.  It's Windows, after all. 

 

Not daily driver, anyway.  PM's current version is Not Vulnerable by default.

Reason for Karma (Optional)
Successfully updated karma reason!
November 5, 2014 8:06:16 AM from WinCustomize Forums WinCustomize Forums

Thanks Doc. My IE is safe again. 

Reason for Karma (Optional)
Successfully updated karma reason!
Stardock Forums v1.0.0.0    #101114  walnut1   Server Load Time: 00:00:00.0000187   Page Render Time:

Home | About | Privacy | Upload Guidelines | Terms of Service | Help
WinCustomize © 2016 Stardock Corporation. All Rights Reserved.