Beware of the Poodle Bug!
There’s a new security bug in town. Technically, it is called CVE-2014-3566, and elsewhere, as the Poodle Bug. Three Google engineers have discovered this security vulnerability in SSL version 3. Let’s know how this vulnerability may affect you.
What is SSL?
SSL (Secure Sockets Layer) is an encryption service that keeps your Internet communications (such as your connection to your bank’s website, online shopping site, etc.) private and from getting into the wrong hands.
How POODLE bug affects SSL 3.0
SSL 3.0 is an 18-year old technology. Although stronger encryption technologies such as TLS (Transport Layer Security) are now in force, SSL 3.0 is still used in 1% of web traffic, and supported by 95% of web browsers.
Coming to POODLE, it stands for ‘Padding Oracle On Downgraded Legacy Encryption’. It is a security flaw that exists in SSL version 3. Under the right conditions, the POODLE bug can allow an attacker to access your session cookies. With this information at hand, an attacker can take control of your online accounts including your email, banking and social networking account.
Now all this may sound scary, but the POODLE bug is not as threatening as Heartbleed or Shellshock that took the Internet by storm. It is hard to exploit.
So, Why POODLE should not worry you much? Here’s why!
An attacker who intends to use the POODLE vulnerability, has to come in between you and the website you are visiting. And one of the most likely ways an attacker can do this is when you are accessing your online account on an unsecured public Wi-Fi network.
So, is disabling SSL 3.0 support a solution?
While disabling SSL 3.0 support will mitigate the risk, it might present compatibility problems with older web browsers and servers. So, for now, end users can take the following measures:
1. Avoid accessing online accounts on unsecured Wi-Fi; this even includes your instant messaging services like WhatsApp.
2. Ensure that your browser is configured to automatic updates.
The POODLE bug story is developing. We will keep you posted about this as we collect more information. Stay tuned to our blog, and stay safe!
105 Comments
Thanks for this vital info, looking forward to more update on the POODLE BUG.
thanks update information
THANKS FOR THE INFORMATION.
thanks
Thanks for the timely information,,,Also updated automatically…Why should we worry
when QUICK HEAL is protecting my computer….Am Right?
Thank u sir…
thanks. hope Quick Heal is protecting us
please mail me all suggestions
Hi Mayur,
You can bookmark this page and save the information on your computer. You can also subscribe to our blog for receiving such news on a regular basis.
Regards,
Thank you for the warning. But is a QH user vulnerable if computer usage is not very regular?
Hi Phiroze,
Your computer is not vulnerable to new threats as long as your Quick Heal product is up-to-date.
Regards,
Thanks for this information……
WE r waiting for Quick heal online shopping Security …….
Hi Mayur,
Stay tuned to our blog on this.
Regards,
Thanks and update us about POODLE bug next time
thanks n update us
start the quic heal anti virus
great info ragib..
Thanks for giving this information…..
It appears significantly more relevant for those who are fond of using pirated Windows and rest everything either pirated free for use. Re-think, the human life starting from birth to death is a paid service. Re-think be thankful to Quick Heal
a) we use wifi from mts or iphone hotspot. is this safe?
b) how can we get such blogs , new bugs news on direct our cellphones via sms or email?
c) is whatsapp so unsecured? major coys are subscribing and not using sms now….
d) QuickHeal which version is enuf for such internet bugs ?
Hi Ranjan,
– If you are using secured Wi-Fi connection, then you are safe.
– Please subscribe to your blog post by proving your email address on the Stay Updated section (right hand side of this post)
– We cannot comment on the security of WhatsApp. However, we recommend users not to share any private, intimate, financial or confidential information over this platform.
– Every Quick Heal product is designed to protect users from Internet and malware threats. Learn more about these products here – https://www.quickheal.co.in/home-users
Regards,
Thanks for the information
Thank you for alerting us.
please tell how to be protected from this virus?
Hi Subham,
– Avoid using unsecured Wi-Fi networks.
– Keep Automatic Updates on for your Internet Browsers.
Regards,
Thanks
thanks for giving very valid information
I AM USING QUICK HEAL TOTAL SECURITY ON MY LAPTOP.HAVING OP SYS AS WINDOW XP.
WILL THE QUICK HEAL TOTAL SECURITY NOT PROTECT AGAINST Poodle Bug
Hi Chander,
As mentioned in the post, to exploit the POODLE BUG, an attacker has to come in between you and the website you are visiting. This area of vulnerability is off-limits for any antivirus software. So, it depends on the user to be more cautious, which, in this case means not using unsecured Wi-Fi network.
Regards,
THANKS FOR THE INFORMATION.
Thanks for information
I AM USING QUICK HEAL TOTAL SECURITY ON MY LAPTOP.HAVING OP SYS AS WINDOW7.
WILL THE QUICK HEAL TOTAL SECURITY NOT PROTECT AGAINST Poodle Bug
Hi Pradip,
As mentioned in the post, to exploit the POODLE BUG, an attacker has to come in between you and the website you are visiting. This area of vulnerability is off-limits for any antivirus software. So, it depends on the user to be more cautious, which, in this case means not using unsecured Wi-Fi network.
Regards,
thanks for your kind informetion.
thanks .
Thaks sir.
Thanks for telling
nice information. thanks.
Thanks a lot
Thanks for the information.
thks for update
thank u for this important information. plz keep this relation so that we can not fall in trap
thanks , was useful to me
Thanks for this vital information, looking forward to more update on this BUG.
Thanks.
thanx for valuable information
Useful information. Thanks. Please keep us updated.
Grand thanks
Supper
Thanks for the information.
Thx for the enlightenment. I will act accordingly and might stay safer online.
thks for update
thanks for the information
Thanks for the information
thanksfor information
THNK U
Thanks for useful information.
thanks for info!
if my quick heal is updated reg and working , do i need to worry or do anyother thing , pls advise .dr rekhi
Hi Dr. Rekhi,
No, you need not worry if your Quick Heal product is regularly updated. Our virus databases are constantly working around the globe and resolving issues of hundreds of malware applications.
Regards.
I am very-very thankful for the important information provided.
MY QUICK HEAL IS NOT UPDATING.. POP UP MSG SHOWING THAT PLEASE LOG IN BY ADMIN. BT ITS OPERATING FROM ADMIN..
Hi Arijit,
We request you to contact our support center in order to immediately resolve this issue. You can either call them on 0-927-22-33-000 or submit a ticket by visiting this link – https://www.quickheal.co.in/submitticket. We regret the inconvenience caused.
Regards.
Nice tips everytime to protect our Pcs. Thanks!!! Does quickHeal Have any solution for TORNTV.com?
Hi Rahul,
“TornTv” is a video streaming, potentially unwanted program and may install third-party software additionally.
It may collect information regarding your virtual activity, and this could be used by cyber criminals to flood your browsers with unreliable adware.
Quick Heal detects the “Torn TV” PUP (Potentially Unwanted Program) in Antimalware module.
To clean your system, in case it is infected with this PUP, follow the below steps (Take latest updates)
1) Right click on QH system tray icon -> select “Launch Antimalware” or
Open QH scanner -> Tools -> “Launch Antimalware”
2) Click on “Scan Now” option.
3) Scanning will start. If any PUP is found it will be shown in PUP’s files and folders.
4) Make sure “Set System Restore Point before cleaning” check box is selected.
4) Click on “Clean” option.
5) It may ask to restart the system for proper cleaning.
In case of any doubt you can raise a ticket on the below portal.
https://support.quickheal.com/v4/
Regards,
Thanks For These INFO, inform Us about if there is some updates regarding POODLE BUG!!!!!!!!!!!!
Thanks for your kind information!
Thanks
Thanks sir ji for more info…
thanks
Thank u for d info.
thnks…………
thanksforthisinformation
Thanks for the information
THANKS FOR THIS INFORMATION.
Quick heal nice application
9710087414
i am using a personal wifi..can this still affect me?
Hi Kaushal,
Yes this can still affect a user who functions over personal Wi-Fi.
Regards.
I’m really impressed knowing this news about POODLE bug vulnerability in SSL version 3.Can you me more details about this vulnerability..
Hi Debobrata,
Thank you for reading our post and for sharing your feedback. Stay tuned to our blogs for more details about this bug and other security news.
Regards.
thanks for info it is vital n thnx to quick heal
pl.send alerts in hindi
Thanks
Thanks for alerting
Thanks for informing us about this we will take the precaution as per the insruction.
Thanx for quick heal to protect my phone
Thanx
poodle bug solution and update quick heal
I would like to know more about this poddle bug.
Hi Sujit,
For more information on the POODLE bug, please follow the link given below:
https://googleonlinesecurity.blogspot.in/2014/10/this-poodle-bites-exploiting-ssl-30.html
Regards,
Thanks but I’m scared.I don’t know much about encryption etc.but my wi-fi has WPA2 security. Is it sufficient for QHT.
Hi B.K.Sinha,
Yes, WPA2 security is sufficient to prevent a POODLE attack.
Regards,
Hello…
I have a problem with my pc…im unable to open some of the websites in all browsers..when im seriously browsing something,my page navigates automatically to someother page…im unable to open any websites like songs.pk,downloadming,Movies25…pls resolve my problem…
Hi,
Firstly, we recommend that you run a full system scan on your machine, via your Quick Heal product. If this issue still persists beyond that, you should contact our support center. They can be reached on 0-927-22-33-000 or you can even submit a ticket and request a callback by visiting this link – https://www.quickheal.co.in/submitticket.
Regards.
i problem my facebook account jb mai apna fb open ki hu to close hi nhi ho rha h imean logout ho hi nhi rha h pls aap bataye ki logout kaise hoga , mai logout bar bar krti hu pr logout ho hi nhi raha h pls aap bataeye meri question ka sollution.
Hi Anshu,
You should try restarting your PC and this will solve the problem.
Regards.
thanks bhiya mera problem solve ho gya apki wajah se thanks for ur suggestion
aap mujhe whatsapp k bare m bataeye kya mai pc par whattsapp chala sakti hu or mujhe ye bi pta h ki whatsapp pc pr chala sakti hu ek website h bluestacks.com es par download kr pc m run kra du to mai pc pr bi whatsapp chala sakti hu par maine sare procceess kr chuki hu nhi ho pa raha h pls bataye ki mere pc pr whattsapp kaise chalega yo bi ek – ek step bataye !
hi frind kya tum meri madad kar sakte ho
Hi Shakee,
Kindly let us know the issue you are facing.
Regards,
mere question ka answer abi tk nhi mila h ?
Hi Anshu,
WhatsApp for PC is not an official software. For any queries regarding this, please contact WhatsApp support >> https://www.whatsapp.com/contact/
Regards,
hello sir! sir mere lapy m quick heal antivirus h so ab end hone ja raha h so pls mujhe bataye ki “renew now” kar k mere lapy pr aa raha h notification and jb mai usse click krti hu “renew now” ko to new key magta h lekin quick heal to bola tha ki “renew now” krne se mujhe 2 month tk quick heal antivirus nhi barbana padega pr “renew now ” krne pr aisa kuch nhi hota h mujhe bataye ki kaise karu mai renew now or bolta h ki 20 days expire ur quick heal lieance pls renew now
Hi Anshu,
Thank you for using Quick Heal. We would request you to contact our Renewal Team, and they will be happy to assist you. Below is the contact details:
020-66835945 / 020-6683559
Regards,
or ha jb mai internet use krti hu to ek floder khulata h jisme likha rahta h ki There are new suspicious file entries in your quarantine floder , that are yet to be submitted to research
Lab. Suspicious file submission ensures the detailed analysis of the file in reaserch lab of quick heal. After the detailed analaysis it can be added in the know virus signature data base which will be provided in updates to all user fir email mangata h submit krne k liye kya mai apna id de du pls aap mujhe bataye
Hi Anshu,
Yes, you can give your email address.
Regards,