Scam of the day – October 17, 2014 – Another Heartbleed-like security flaw discovered

We all remember the Heartbleed scare from last April where a security flaw in the Open SSL encryption technology used throughout the Internet was discovered and a rush to fix it was done before the flaw could be extensively exploited by hackers.  Now we learn about another flaw in encryption software which although not as serious as Heartbleed is still significant.  This one goes by the acronym of POODLE, which stands for Padding Oracle On Downgraded Legacy Encryption.  A POODLE attack could enable a hacker to steal information from unwary victims.  Fortunately, patches have been created and are provided below.

TIPS

Here is a link from the Department of Homeland Security to security updates to resolve this problem.  https://www.us-cert.gov/ncas/current-activity/2014/10/16/OpenSSL-Patches-Four-Vulnerabilities

And while we are at it, here are the latest Department of Homeland Security links to security updates for Mozilla Firefox and Thunderbird.  https://mail.aol.com/38798-516/aol-6/en-us/Suite.aspx

Leave a Reply

Your email address will not be published. Required fields are marked *