Categories
How-To Software Technical

Please disable POODLE in IIS, here is how

Here we are again with POODLE I’ve touched on it here: http://jermsmit.com/security-news-poodle-security-vulnerability/ Then secured up Apache here: http://jermsmit.com/secure-apache-httpd-from-poodle/ And even did some testing here: http://jermsmit.com/tech-short-lets-test-for-poodle-or-sslv3/ This time I am adding the steps used to secure-up some IIS Servers. Lets Start:  *note* These steps apply to Server 2003, 2008, 2012 Requirements:  Administrator Rights Registry Changes Reboot of Server Steps: […]

Categories
News

Google Removes SSLv3 Fallback Support From Chrome

Google has released Chrome 39, fixing 42 security vulnerabilities and removing support for the fallback to SSLv3. Among the fixes in Google Chrome version 39 are a number of patches for high-risk vulnerabilities, including several buffer overflows, use-after-frees and integer overflows. Highlight fixes below: Please see the Chromium security page for more information. [$500][389734] High […]

Categories
News Software Technical

Tech Short: Let’s test for POODLE or SSLv3

First thing that came to my mind when reading about POODLE was how can I test, followed by what to do to patch/fix this. So the first thing is to test for the vulnerability. And from all I have read so far is that you are vulnerable if your servers support SSLv3. I am confident that […]