As Christmas approaches and before our over-partied noggins turn to mush, we thought it would be nice to try and deal with something specific rather than the predictable rants about the woes of Sony or urging you once more to patch the new raft of Microsoft vulnerabilities that are dealt with in this month’s patch Tuesday.
Actually, there are some nasty issues dealt with by Microsoft this month. Yet more privilege escalation issues including another vulnerability in Visual Basic. How long will it be before we find out that you can become a domain Administrator by typing XYZZY into notepad? (If you got that, you are old!)
The subject of our attention is a somewhat worrying development in the world of the Poodle vulnerability, which may well grab you by the short and curlies.
You might remember the Poodle vulnerability. Hot on the heels of the big bad boys ShellShock and HeartBleed it is a vulnerability in SSl 3.0 which enables a dog-in-the-middle attack to decrypt your stuff.
‘So what?’ you cry, ‘we have disabled SSl 3.0 and are using the more funky TLS stack exclusively’. Bad news, TLS v1.2 is also vulnerable to a very similar exploit designated CVE-2014-8730.
‘Yeh, yeh but these dog-in the-middle attacks require well, err a dog in the middle.’ Yes they do. Have you ever been to Dubai, or China, or Iran, or the USA or even Brentford. There are dogs-a-plenty, as revealed in exquisite detail by Mr Snowden.
We recommend that you test your websites using this brilliant tool from our friends at Qualys: https://www.ssllabs.com/ssltest/
If you are vulnerable, apply your vendor’s patch, which they will have out either now or very shortly we would hope.
Vulnerability management should form a key part of your regular security operations. We mandate it for our NetSure360° managed security customers and if they don’t already have a solution, we recommend Qualys.
We use vulnerability management not only to prioritise patching, but also to allow us to reduce the false positives on our security platform. If you are not vulnerable to an attack, our system will downgrade the alert. If you are vulnerable, the alert will be upgraded, triaged and if necessary we will get you out of that Christmas party to help us deal with it.
If you would like to know more about Poodle, vulnerability management or any aspect of our managed services, please contact us at: [email protected] or call 020 7517 3900
Please remember: a dog is for life, not just Christmas, especially Poodles.
