By now you have likely heard about the POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability issue facing SSL v3.0 communications, but do you know how to find out if your Oracle applications have patches released? Follow this link to the OTN document which is keeping track of what is affected with patches available, likely vulnerable without fixes available, products not affected and those that are still being researched. Did you know that this is so important Visa's Cybersource credit card processing platform is disabling SSL v3.0 next week to prevent malicious activities?
As a bonus, check out the article on OTN for disabling SSL v3.0 in the Oracle JDK and JRE platforms!
No comments:
Post a Comment