Here we are again with POODLE I’ve touched on it here: http://jermsmit.com/security-news-poodle-security-vulnerability/ Then secured up Apache here: http://jermsmit.com/secure-apache-httpd-from-poodle/ And even did some testing here: http://jermsmit.com/tech-short-lets-test-for-poodle-or-sslv3/ This time I am adding the steps used to secure-up some IIS Servers. Lets Start: *note* These steps apply to Server 2003, 2008, 2012 Requirements: Administrator Rights Registry Changes Reboot of Server Steps: […]
Tag: SSLv3
Google has released Chrome 39, fixing 42 security vulnerabilities and removing support for the fallback to SSLv3. Among the fixes in Google Chrome version 39 are a number of patches for high-risk vulnerabilities, including several buffer overflows, use-after-frees and integer overflows. Highlight fixes below: Please see the Chromium security page for more information. [$500][389734] High […]
First thing that came to my mind when reading about POODLE was how can I test, followed by what to do to patch/fix this. So the first thing is to test for the vulnerability. And from all I have read so far is that you are vulnerable if your servers support SSLv3. I am confident that […]