Apple Security Advisory 2014-10-16-2

Posted by deepcore on October 18, 2014 – 2:10 am

Apple Security Advisory 2014-10-16-2 – Security Update 2014-005 is now available and addresses the OS X Mountain Lion 10.8.5 and OS X Mavericks 10.9.5 SSL 3.0 Poodle bug. There are known attacks on the confidentiality of SSL 3.0 when a cipher suite uses a block cipher in CBC mode. An attacker could force the use of SSL 3.0, even when the server would support a better TLS version, by blocking TLS 1.0 and higher connection attempts. This issue was addressed by disabling CBC cipher suites when TLS connection attempts fail.

Tags: Apple, ios, osx
This post is under “Apple” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Apple Security Advisory 2014-10-16-3 Apple Security Advisory 2014-10-16-1 »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Apple Security Advisory 2014-10-16-2

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL