Microsoft's Poodle Advisory Updated with Fix It Solution

For those that are behind on news, a severe flaw in and old security protocol was announced on October 14, and then confirmed industry-wide on October 15, 2014. The flaw is in SSL 3.0, which we probably should have stopped using several years ago, however many web sites and services still use it. On October 14, 2014 Microsoft released its own security advisory on the topic basically telling customers to just turn it off in Internet Explorer settings.

Today, Microsoft has updated the security advisory to clarify the workaround for disabling SSL 3.0 on Windows server and Windows clients, but also to make it easier for IT Pros to manage turning off the setting centrally.

Turning SSL 3.0 off is actually pretty simple and can be done through registry edits. But, to make it simpler, and for those not comfortable editing the Windows registry, Microsoft has packaged the registry edits inside a Fix It solution, now provided as a download from its Knowledge Base.

You can find the Fix It solution on this page: Microsoft security advisory: Vulnerability in SSL 3.0 could allow information disclosure: October 15, 2014