POODLE (Padding Oracle On Downgraded Legacy Encryption)

Protect your business from POODLE

Protect your business from POODLE

Written by Alan Ingram on Monday, 16 March 2015. Posted in POODLE (Padding Oracle On Downgraded Legacy Encryption), Information Technology

The POODLE security vulnerability was identified by the Google Security Team over the summer and effects many web services, including those hosted on Microsoft Internet Information Services (IIS).

It was found to be theoretically possible to force a client web browser to appear not to support newer, more secure encryption methods. This would result in the much older and insecure SSL (Secure Sockets Layer) V3 to be used, potentially making it easier to read the encrypted data.