Security researchers have discovered a vulnerability in SSL 3.0 that allows attackers to decrypt encrypted connections to websites.
Hackers can exploit a weakness in the protocol’s design to grab victims’ session cookies, which are used for logging into webmail and other online accounts over HTTPS.
SSL is supposed to encrypt your communications, such as your connection to your bank’s website, so eavesdroppers can’t steal or tamper with your sensitive information while it’s in transit.
Google revealed details of the design flaw on Tuesday, and dubbed it POODLE – short for Padding Oracle On Downgraded Legacy Encryption. It is a blunder within the blueprints of SSL 3.0 rather than a software bug, so it affects any product following the protocol – from Google Chrome and Mozilla Firefox to Microsoft Internet Explorer.
“This vulnerability allows the plaintext of secure connections to be calculated by a network attacker,” Bodo Möller, of the Google Security Team, wrote in a blog post today. “I discovered this issue in collaboration with Thai Duong and Krzysztof Kotowicz (also Googlers).”
POODLE (PDF) is really a critical threat because it is used by both websites and Web browsers and will remain critical as long as SSL 3.0 is supported. Therefore, both websites and Web browsers must be reconfigured to prevent using SSL 3.0.
While SSL 3.0 is not anymore the most advanced form of Web encryption standard in use, Möller explained Web browsers and secure HTTP servers still need it in case they encounter errors in Transport Layer Security (TLS), SSL’s more modern, less vulnerable layer of security.
“If a client and server both support a version of TLS, the security level offered by SSL 3.0 is still relevant since many clients implement a protocol downgrade dance to work around serve side interoperability bugs.”
To protect against the POODLE attack, there is nothing an end user can do, same like with the case of Heartbleed and Shellshock. But, companies across the world will be releasing patches to their servers and embedded devices disallowing use of SSl 3.0.