Browser Makers React To Google Warning On SSL 3.0

Mozilla, Microsoft and other browser makers are turning off support for a decades-old encryption protocol following an advisory from Google warning that the protocol is vulnerable to a dangerous man-in-the-middle attack that could expose passwords and session cookie data.

Google researchers Bodo Moller, Thai Duong and Krzysztof Kotowicz called the attack technique against SSL 3.0 a Padding Oracle On Downgrade Legacy Encryption, or POODLE. It can be used by an attacker to trick the browser into giving up small bytes of data and ultimately gain access to the sensitive information in HTTPS browsing sessions. Weaknesses in previous versions of SSL/TLS have been uncovered in the past, including implementation errors that make protected sessions prone to snooping attacks.

"Disabling SSL 3.0 support, or CBC-mode ciphers with SSL 3.0, is sufficient to mitigate this issue but presents significant compatibility problems," Google warned website administrators in its advisory.

[Related: MSSPs Tracking Shellshock Attacks, FireEye Uncover NAS Systems Assault]

Solution providers tell CRN that they are advising their clients managing websites to add support for a fallback mechanism that prevents attackers from inducing browsers to use SSL 3.0, a recommendation from the Google researchers. System administrators also can disable SSL 3.0 and enable TLS 1.0, 1.1 and 1.2 in group policy to satisfy endpoint machines. They warn that the change could result in failed browser connections to resources that are set to require SSL connections.

The POODLE attack is the nail that marks the end of version 3.0 of SSL, according to Ivan Ristic, a researcher who has been studying threats to SSL/TLS encrypted sessions and weak protocol implementations. As of Oct. 12 more than 96 percent of the HTTPS Alexa Top 1 million websites supported SSLv3, Ristic said. A Web page provides details about POODLE and how users can reduce the risk by disabling browser support of SSL 3.0.

A Google Chrome update will disable version 3.0 and Google will remove support for SSL 3.0 completely from its client products. Mozilla also released a security advisory, telling users that it plans to turn off SSLv3 in Firefox and will disable it by default in version 34 of Firefox due out next month.

"SSLv3 is an old version of the security system that underlies secure Web transactions and is known as the 'Secure Sockets Layer' (SSL) or 'Transport Layer Security' (TLS)," Mozilla said. "Today, Firefox uses SSLv3 for only about 0.3% of HTTPS connections. That’s a small percentage, but due to the size of the Web, it still amounts to millions of transactions per day."

The vulnerability could pose a serious issue for users of Internet Explorer 6, which cannot disable SSLv3. Microsoft has been encouraging those users to upgrade to a more modern browser. In a security advisory issued by the company last night, Microsoft said it was investigating the issue and advised customers to enable a workaround in group policy to disable SSLv3.

"After applying this workaround, Internet Explorer will fail to connect to Web servers that only support SSL up to 3.0 and don’t support TLS 1.0, TLS 1.1 and TLS 1.2," the company said, not ruling out an out-of-band update to address the issue.

POODLE follows Heartbleed, a vulnerability in OpenSSL, and ShellShock, a vulnerability in the Bash Linux and Unix shell, but it shouldn't be seen as serious, according to Greg Martin, chief technology officer of security intelligence platform maker ThreatStream. An attacker needs local access to attempt to target a victim, he said. That means getting access to the network or on the same public wireless connection as the victim, such as a cafe or hotel Internet connection, he said.

"POODLE certainly shows us that as an industry, our ability to find bugs has gotten much better and big vulnerabilities that have existed for years will continue to be disclosed likely this year and for years to come," Martin said.

PUBLISHED OCT. 15, 2014