Microsoft's Poodle Advisory Updated with Fix It Solution
Microsoft has released new guidance for disabling SSL 3.0 in Windows, including a packaged registry modification.
October 29, 2014
For those that are behind on news, a severe flaw in and old security protocol was announced on October 14, and then confirmed industry-wide on October 15, 2014. The flaw is in SSL 3.0, which we probably should have stopped using several years ago, however many web sites and services still use it. On October 14, 2014 Microsoft released its own security advisory on the topic basically telling customers to just turn it off in Internet Explorer settings.
Today, Microsoft has updated the security advisory to clarify the workaround for disabling SSL 3.0 on Windows server and Windows clients, but also to make it easier for IT Pros to manage turning off the setting centrally.
Turning SSL 3.0 off is actually pretty simple and can be done through registry edits. But, to make it simpler, and for those not comfortable editing the Windows registry, Microsoft has packaged the registry edits inside a Fix It solution, now provided as a download from its Knowledge Base.
You can find the Fix It solution on this page: Microsoft security advisory: Vulnerability in SSL 3.0 could allow information disclosure: October 15, 2014
Read more about:
MicrosoftAbout the Author
You May Also Like