Open Reality has responded typically fast to the threat of the POODLE vulnerability just announces.

Our hosting services team is disabling SSL v3 on any servers we support, alongside any published desktops, IE and Firefox services.

They are also on standby, ready to provide existing customers with answers to your POODLE concerns including:

1. How to disable SSL v3 in client browsers

2. How to update browsers to a version that doesn’t use SSL v3

If you are an Open Reality / BrightCloud customer and have concerns at all or you are using IE6, please contact our expert team at SPOC@Bright-Cloud.net or on 03707 704 548.

What is the POODLE threat?

POODLE exploits a design flaw in the old SSL v3 protocol. The impacts hits when you’re browsing secure websites.

While modern systems using an alternative (TLS), do not have the flaw some old systems, such as Windows XP and Internet Explorer 6, won’t work by default with TLS. As a result you will fail to connect via these protocols to websites where SSL v3 has been disabled.

The risk is greatest when using public Wi-Fi. This is because the most likely way an attacker will exploit this vulnerability is via a Wi-Fi connection.

This BBC article explains in more detail about POODLE