Beware of the Poodle Bug!

There’s a new security bug in town. Technically, it is called CVE­-2014­-3566, and elsewhere, as the Poodle Bug. Three Google engineers have discovered this security vulnerability in SSL version 3. Let’s know how this vulnerability may affect you.

Poodle

What is SSL?

SSL (Secure Sockets Layer) is an encryption service that keeps your Internet communications (such as your connection to your bank’s website, online shopping site, etc.) private and from getting into the wrong hands.

How POODLE bug affects SSL 3.0

SSL 3.0 is an 18-year old technology. Although stronger encryption technologies such as TLS (Transport Layer Security) are now in force, SSL 3.0 is still used in 1% of web traffic, and supported by 95% of web browsers.

Coming to POODLE, it stands for ‘Padding Oracle On Downgraded Legacy Encryption’. It is a security flaw that exists in SSL version 3. Under the right conditions, the POODLE bug can allow an attacker to access your session cookies. With this information at hand, an attacker can take control of your online accounts including your email, banking and social networking account.

Now all this may sound scary, but the POODLE bug is not as threatening as Heartbleed or Shellshock that took the Internet by storm. It is hard to exploit.

So, Why POODLE should not worry you much? Here’s why!

An attacker who intends to use the POODLE vulnerability, has to come in between you and the website you are visiting. And one of the most likely ways an attacker can do this is when you are accessing your online account on an unsecured public Wi-Fi network.

So, is disabling SSL 3.0 support a solution?

While disabling SSL 3.0 support will mitigate the risk, it might present compatibility problems with older web browsers and servers. So, for now, end users can take the following measures:

1. Avoid accessing online accounts on unsecured Wi-Fi; this even includes your instant messaging services like WhatsApp.

2. Ensure that your browser is configured to automatic updates.

The POODLE bug story is developing. We will keep you posted about this as we collect more information. Stay tuned to our blog, and stay safe!

Rajiv Singha

Rajiv Singha

Follow @Singha_Ra

Subscribe
Notify of
guest
105 Comments
Inline Feedbacks
View all comments
Musa ahmodu
Musa ahmodu
6 years ago

Thanks for this vital info, looking forward to more update on the POODLE BUG.

bablu upadhya
bablu upadhya
6 years ago
Reply to  Musa ahmodu

thanks update information

B.J.MASSAWE
B.J.MASSAWE
6 years ago

THANKS FOR THE INFORMATION.

yandamoori
yandamoori
6 years ago

thanks

sooryanarayanan
sooryanarayanan
6 years ago

Thanks for the timely information,,,Also updated automatically…Why should we worry

when QUICK HEAL is protecting my computer….Am Right?

Thank u sir…

gl bhasin
gl bhasin
6 years ago

thanks. hope Quick Heal is protecting us

mayur
mayur
6 years ago

please mail me all suggestions

Phiroze Mehta
Phiroze Mehta
6 years ago

Thank you for the warning. But is a QH user vulnerable if computer usage is not very regular?

Mayur
Mayur
6 years ago

Thanks for this information……

Mayur Desai
Mayur Desai
6 years ago

WE r waiting for Quick heal online shopping Security …….

Vishwadeep Patil
Vishwadeep Patil
6 years ago

Thanks and update us about POODLE bug next time

Vishwadeep Patil
Vishwadeep Patil
6 years ago

thanks n update us

shailesh patel
shailesh patel
6 years ago

start the quic heal anti virus

Mangesh
Mangesh
6 years ago

great info ragib..

Nagnath Jirvankar
Nagnath Jirvankar
6 years ago

Thanks for giving this information…..

Prof C B Singh
Prof C B Singh
6 years ago

It appears significantly more relevant for those who are fond of using pirated Windows and rest everything either pirated free for use. Re-think, the human life starting from birth to death is a paid service. Re-think be thankful to Quick Heal

Ranjan
Ranjan
6 years ago

a) we use wifi from mts or iphone hotspot. is this safe?
b) how can we get such blogs , new bugs news on direct our cellphones via sms or email?
c) is whatsapp so unsecured? major coys are subscribing and not using sms now….
d) QuickHeal which version is enuf for such internet bugs ?

George Oommen
George Oommen
6 years ago

Thanks for the information

Hiralal shah
Hiralal shah
6 years ago

Thank you for alerting us.

subham sahoo
subham sahoo
6 years ago

please tell how to be protected from this virus?

Yogesh B Kakkad
Yogesh B Kakkad
6 years ago

Thanks

renukadas u dixit
renukadas u dixit
6 years ago

thanks for giving very valid information

chander
chander
6 years ago

I AM USING QUICK HEAL TOTAL SECURITY ON MY LAPTOP.HAVING OP SYS AS WINDOW XP.
WILL THE QUICK HEAL TOTAL SECURITY NOT PROTECT AGAINST Poodle Bug

Chetan Patel
Chetan Patel
6 years ago

THANKS FOR THE INFORMATION.

Manohar Chaudhari
Manohar Chaudhari
6 years ago

Thanks for information

Pradip Mondal
Pradip Mondal
6 years ago

I AM USING QUICK HEAL TOTAL SECURITY ON MY LAPTOP.HAVING OP SYS AS WINDOW7.
WILL THE QUICK HEAL TOTAL SECURITY NOT PROTECT AGAINST Poodle Bug

nlpun
nlpun
6 years ago

thanks for your kind informetion.

shantanu kumar jena
shantanu kumar jena
6 years ago

thanks .

Mahesh kumar sihag
Mahesh kumar sihag
6 years ago

Thaks sir.

Shailendra
Shailendra
6 years ago

Thanks for telling

bharati
bharati
6 years ago

nice information. thanks.

Jarjeena
Jarjeena
6 years ago

Thanks a lot

Rakesh
Rakesh
6 years ago

Thanks for the information.

Animesh N Mistry
Animesh N Mistry
6 years ago

thks for update

raficul islam
raficul islam
6 years ago

thank u for this important information. plz keep this relation so that we can not fall in trap

chaitanya
chaitanya
6 years ago

thanks , was useful to me

RC Jat
RC Jat
6 years ago

Thanks for this vital information, looking forward to more update on this BUG.

Haradhan Mohajan
Haradhan Mohajan
6 years ago

Thanks.

dalip
dalip
6 years ago

thanx for valuable information

JTR Nair
JTR Nair
6 years ago

Useful information. Thanks. Please keep us updated.

Satish Divya
Satish Divya
6 years ago

Grand thanks

Satish Divya
Satish Divya
6 years ago

Supper

wasim
wasim
6 years ago

Thanks for the information.

Pradip Buveja
Pradip Buveja
6 years ago

Thx for the enlightenment. I will act accordingly and might stay safer online.

bablu upadhya
bablu upadhya
6 years ago

thks for update

JASHUBHAI M PATEL KAPADWANJ
JASHUBHAI M PATEL KAPADWANJ
6 years ago

thanks for the information

kaushal kishor
kaushal kishor
6 years ago

Thanks for the information

devendra
devendra
6 years ago

thanksfor information

PRASHANT
PRASHANT
6 years ago

THNK U

Gopal Shrestha
Gopal Shrestha
6 years ago

Thanks for useful information.

dr g s rekhi
dr g s rekhi
6 years ago

thanks for info!
if my quick heal is updated reg and working , do i need to worry or do anyother thing , pls advise .dr rekhi

Rahul Thadani
6 years ago
Reply to  dr g s rekhi

Hi Dr. Rekhi,

No, you need not worry if your Quick Heal product is regularly updated. Our virus databases are constantly working around the globe and resolving issues of hundreds of malware applications.

Regards.

105
0
Would love your thoughts, please comment.x
()
x