POODLE vulnerability and decommissioning of SSL v 3.0

The recently acknowledged vulnerability of the secure communications tool SSL version 3.0, called POODLE, leaves services using it vulnerable to having encrypted communications converted to easily-intercepted plain text. Information Technology (IT) staff are working to disable SSL version 3.0 on systems across the University in order to mitigate the vulnerability.

Users may encounter an error message when attempting to log in to updated Penn State systems and services if using an interface that relies on SSL version 3.0. To avoid this problem, all software used to communicate across the Internet (particularly Web browsers) should be updated to the newest versions available. Software updates and security patches are some of the best ways to proactively protect systems. Vendors are working to release updated software as soon as possible.

If you have questions or need assistance updating your Web browser or other software, contact the IT Service Desk at 814-865-4357.

More information: POODLE vulnerability and decommissioning of SSL v 3.0

Story added 22. October 2014, content source with full text you can find at link above.