2014-10-22 - POODLE Bug
A new bug called POODLE (Padding Oracle On Downgraded Legacy Encryption) has been found in the Secure Sockets Layer (SSL) 3.0 cryptography protocol (SSLv3) which could be exploited to intercept data that's supposed to be encrypted between computers and servers.
We have been aware of the POODLE bug since Tuesday, October 21st and have updated our systems late Tuesday night, so that SSLv3 is no longer supported by GiftTool to prevent any POODLE attacks.
Next Steps:
- Please make sure that your internet browser does not use SSLv3, but instead only uses TLS 1.0, 1.1 or 1.2.
- If you are having difficulty accessing your secure GiftTool pages or logging into your GiftTool account, make sure that your browser can use TLS 1.0, 1.1 or 1.2. This is because GiftTool no longer supports SSLv3.
- If your browser does not support TLS, you should switch to a different browser that does. For example, if you are using:
- Any version of the IE browser on a Windows XP computer (which only supports SSLv3), you will no longer be able to access any secure GiftTool pages. Instead, you should immediately switch to a different browser that does not use SSLv3, such as Chrome, Firefox, Safari, etc.
- The IE6 browser which also only supports SSLv3, you will no longer be able to access any secure GiftTool pages. Instead, you should immediately download the latest version of the IE browser, or switch to a different browser that does not use SSLv3, such as Chrome, Firefox, Safari, etc.
The security of your users' information is incredibly important, and as such it is our policy to always stay on top of all security patches.
Please feel free to contact us with any questions, you can reach us at support@gifttool.com or 1.877.665.8665 (select option 2 for Support).
Was this information helpful?
|
|