![]() We recommend customers migrate clients and services to more secure security protocols, such as TLS 1.0, TLS 1.1 or TLS 1.2. Microsoft is also announcing that SSL 3.0 will be disabled across Microsoft online services over the coming months. Microsoft is announcing that with the release of security update 3038314 on ApSSL 3.0 is disabled by default in Internet Explorer 11. We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers. ![]() Considering the attack scenario, this vulnerability is not considered high risk to customers. Microsoft is not aware of attacks that try to use the reported vulnerability at this time. All supported versions of Microsoft Windows implement this protocol and are affected by this vulnerability. This is an industry-wide vulnerability affecting the SSL 3.0 protocol itself and is not specific to the Windows operating system. ![]() Microsoft is aware of detailed information that has been published describing a new method to exploit a vulnerability in SSL 3.0. Version: 3.0 General Information Executive Summary Feedback In this article Vulnerability in SSL 3.0 Could Allow Information Disclosure
0 Comments
Leave a Reply. |