Within a few hours after yesterday’s Patch Tuesday updates hit the information highway, Microsoft issued a new security advisory about a vulnerability that affects all versions of Windows – but that doesn’t mean you’re safe if you use a different operating system. This one is an industry-wide threat because it’s a vulnerability in the SSL 3.0 protocol, which is supported by almost all web browsers on all platforms.

Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS), are used to encrypt communications that are sent across the Internet. SSL 1.0 was originally developed by Netscape but was never released to the public. SSL 2.0 was released in 1995 but due to problems it was quickly replaced by SSL 3.0 in 1996. Thus it’s been around for eighteen years, so we shouldn’t be too surprised that it has flaws. The problem is that there are still many web sites using it.

Although the Microsoft advisory states that “Microsoft is not aware of attacks that try to use the reported vulnerability at this time,” reports regarding this vulnerability – which is being called POODLE for “Padding Oracle On Downgraded Legacy Encryption” – are all over the Internet, so it’s inevitable that attackers won’t be able to resist the temptation to design exploits for it.

Google published the details on Tuesday, outlining how the vulnerability could be exploited, in a paper that was written in September titled The POODLE Bites. It opens by calling SSL 3.0 an “obsolete and insecure protocol” and explains how this matters even when both client and server support TLS, because of the frequency with which the connection “falls back” to SSL 3.0 because of interoperability issues. It’s worth a read if you want to delve into the nitty-gritty technical minutiae.

A POODLE attack could use techniques similar to those used in the BEAST attacks (Browser Exploit Against SSL/TLS) to implement man-in-the-middle type attacks and intercept session cookies used to log on to web mail and other online accounts, so the attacker can access the encrypted data.

The best protection against this vulnerability is to disable SSL 3.0 completely, although there is the chance that this may cause connection problems with some clients and servers. Nonetheless, browser makers are taking action.

Google has implemented “TLS_FALLBACK_SCSV” on their servers to prevent connections from falling back to SSL 3.0, is urging other server admins to implement it as well, and is preparing a patch for Chrome that will prohibit fallback from the client end regardless of whether the server does.

Mozilla announced almost immediately that they are planning to turn off SSL 3.0 by default in version 34 of their Firefox web browser, noting that Firefox uses it for only a small percentage of HTTPS connections. However, that small percentage still adds up to millions of communications exchanges every day. They also released an extension that will turn the protocol off immediately in the current browser version for those who don’t want to wait.

Users of Internet Explorer can disable SSL 3.0 by going into Tools | Internet options and, on the Advanced tab, unchecking the “Use SSL 3.0” checkbox (other versions of SSL should be disabled by default but if not, uncheck them, too). Be aware that disabling SSL 3.0 may cause some problems in connecting to some secure web sites from some browsers. In particular, Windows XP and Internet Explorer 6 users are likely to have trouble. Of course, Windows XP and IE 6 are already past the end of Microsoft’s official support life cycle and many web sites have dropped support for IE 6; if for some reason you’re still using either of these elderly pieces of software, an upgrade is way overdue.

We’ll keep you updated on the SSL 3.0 vulnerability and any POODLE attacks that are detected in the wild as the news unfolds.

Note: GFI LanGuard has released an update with a dedicated vulnerability check to detect whether you could be affected by this industry-wide threat.