The POODLE-vulnerability in SSL 3.0 ensures that an attacker who between a user and the Internet to know places, for example in an open Wi-Fi network, can steal information from encrypted connections, such as session cookies. Maurice gives organizations advised to discontinue use of all SSL versions, as it is no longer the safe communication between systems can be trusted.
Also Oracle customers have to change their code and switch to a more secure protocol such as TLS 1.2. Oracle employee further notes that Oracle in the future SSL in all Oracle software will turn off. Besides disabling SSL 3.0 update also fixes 19 vulnerabilities in Java, which in the worst case, an attacker can give full control over the system.
No comments:
Post a Comment