Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.
 POODLE is the acronym of “Padding Oracle On Downgraded Legacy 
Encryption”. It isa new SSL vulnerability discovered by G...
 The only solution to get rid of the POODLE vulnerability is disabling 
SSL 3.0 from browsers and servers. 
 And as a pr...
The Google Chrome team has decided to completely remove its support 
towards SSLv3 from all their client products. 
Here a...
 Step 4: Press 'Apply' and then click on the 'OK' button. 
With this last step, Google Chrome is now free from SSL 3.0. A...
The Mozilla Firefox team has announced their decision to disable SSLv3 by 
default, which is set to release on November 25...
After completing the above step, Mozilla Firefox will no longer accept SSL 
3.0 certificates.
 Internet Explorer has not yet given an update about when they will 
discontinue their support for SSL 3.0. Therefore, us...
Step 4: Restart Internet Explorer. And with this step, the browser will no longer accept SSL 
3.0 certificates.
 Users across the world are concerned about affected web-browsers and 
compromised security due the POODLE vulnerability....
Blog: cheapsslsecurity.com/blog 
Facebook: CheapSSLSecurities 
Twitter: SSLSecurity 
Google Plus: +Cheapsslsecurity
How to disable SSLv3 in Chrome Firefox IE
Prochain SlideShare
Chargement dans…5
×

How to disable SSLv3 in Chrome Firefox IE

2 789 vues

Publié le

Know what is POODLE vulnerability its effects on users and how to disable it on different browsers as Google Chrome, Mozilla Firefox & Internet Explorer.

Publié dans : Internet
  • Soyez le premier à commenter

How to disable SSLv3 in Chrome Firefox IE

  1. 1.  POODLE is the acronym of “Padding Oracle On Downgraded Legacy Encryption”. It isa new SSL vulnerability discovered by Google researchers Thai Duong, Bodo Moller and Krzysztof Kotowiczis. As per their report, if a hacker tries to attack a public hotspot using a Man-in-the-Middle attack, the POODLE vulnerability helps the hackers to downgrade a browser’s SSL version with older SSL 3.0 instead of the highly secured TLS version.  Today, a large number of servers and browsers are supporting SSL version 3.0 (SSLv3) and hackers are more than happy to exploit them by forcing them to downgrade the browser's security protocol version. Even in case the browser is trying to use an upgraded version, due to this vulnerability, it will be forced to use the old SSLv3.
  2. 2.  The only solution to get rid of the POODLE vulnerability is disabling SSL 3.0 from browsers and servers.  And as a precautionary step, users are requested to avoid using public hotspots, WiFi, or they should access these networks using a VPN (Virtual Private Network).
  3. 3. The Google Chrome team has decided to completely remove its support towards SSLv3 from all their client products. Here are a few simple steps:  Step 1: Right click on the Google Chrome icon and click on Properties.  Step 2: A new pop-up appears that shows information about Google Chrome Properties.  Step 3: Now in the Target Text box after “~applicationchrome.exe” write the following piece of code, including a space: --ssl-version-min=tls1 Your target text box should now look similar to this: “~applicationchrome.exe –ssl-version-min=tls1”.
  4. 4.  Step 4: Press 'Apply' and then click on the 'OK' button. With this last step, Google Chrome is now free from SSL 3.0. After this, the browser will start rejecting SSL 3.0 certificates.
  5. 5. The Mozilla Firefox team has announced their decision to disable SSLv3 by default, which is set to release on November 25th 2014. So, after updating the browser there shall be no need to perform the procedure of disabling SSL 3.0. However, those who prefer not to wait until November 25, here is a step-by-step procedure to disable SSLv3:  Step 1: Open Firefox browsers and link it to the SSL Version Control Add-on.  Step 2: Press the Add to Firefox button, which will automatically disable SSL 3.0.  Step 3: After installing this add-on, open the Firefox Add-on Manager with key combination Ctrl+Shift+Alt or write 'about:addons', find the add-on 'SSL Version Control' and click on Option. Here the initial automatic updated property is Default, turn it 'On'. Please make sure the Minimum SSL Version property should be TLS 1.0.
  6. 6. After completing the above step, Mozilla Firefox will no longer accept SSL 3.0 certificates.
  7. 7.  Internet Explorer has not yet given an update about when they will discontinue their support for SSL 3.0. Therefore, users are left with no option but to take up the option to disable SSL 3.0 themselves. Here is the step-by-step procedure:  Step 1: In Run function of windows type Internet Options, or find it on the Tools menu and click open.  Step 2: Now, go to the Advanced tab, here is the Setting field.Go to the security section.  Step 3: Here you will find the checkbox of 'Use SSL 3.0' checked. Uncheck to disable it. Now, press Apply.
  8. 8. Step 4: Restart Internet Explorer. And with this step, the browser will no longer accept SSL 3.0 certificates.
  9. 9.  Users across the world are concerned about affected web-browsers and compromised security due the POODLE vulnerability. We will most definitely keep you posted about any new update on SSL version 3.0. However, if you have any query or suggestion on the related issue, please contact here.
  10. 10. Blog: cheapsslsecurity.com/blog Facebook: CheapSSLSecurities Twitter: SSLSecurity Google Plus: +Cheapsslsecurity

×