Poodle – shutdown of SSL 3

Munich, 17 October 2014

About 3 days ago a new security hole in SSL protocol was discovered. It has been named "POODLE Attack (CVE-2014-3566)". We have already implemented a protection against his security hole on all our servers. However, this protection - based on deactivating protocol SSL v3, amongst other things - affects the compatibility of old browsers. Therefore we thought it necessary to inform you about our proactive course of action.

From 17 October 2014 Internet Explorer 6 under Windows XP is not supported any longer.

Thanks to this measure, our servers have been given the highly-demanded Qualys' "A+ rating". Everyone can run a server check themselves at https://www.ssllabs.com/ssltest/. Detailled information on the topic can be found at: https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack

Comments are closed.