TechSpot

Unable to block SSL 3.0 properly in IE, Firefox & Opera in Windows 8.1

By vis12345
Nov 21, 2014
  1. My friend is using PC with Win 8.1 Pro x86[up to date]. Antivirus: Bitdefender IS 2013

    When the poodle attack news came into light, he did the following:
    In IE 11>> Advanced Settings->Security->Unchecked SSL 3.0.
    In Firefox 28.0>> about:config->security.tls.version.min->modified 0 to 1
    In Opera 12.17>> Disabled SSL 3.0 by default.

    However, when pinged "poodletest.com", it says vulnerable on all these browsers.

    When checked in his laptop with Win 8.1 Pro x86[up to date] and Bitdefender IS 2015, "poodletest.com" says not vulnerable on all these above browsers[Note: Firefox version is latest 33.1.1] with settings changed same as done with PC.

    However, I was able to successfully block in my PC as others do.

    How is that possible?
    Is the problem with Bitdefender 2013? Is there anyone who is experiencing the same issue? or
    How to find the source of the problem?
     
    Last edited: Nov 21, 2014
  2. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    Did he clear browser cache before re-checking?
     
  3. vis12345

    vis12345 TS Booster Topic Starter Posts: 72

    Yes, he did clear browsing history and the browsers are set for auto clean when it is closed. I'm getting suspicious on BD 2013 as all the secured https sites show that the certificates are verified by Bitdefender. So it may be the issue. However, if anyone uses BD 2013 with Windows, then they may test it and let us know so that we could inform Bitdefender and fix this major bug.
     
  4. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    It may be a good idea to post this at BD forum.
     
  5. vis12345

    vis12345 TS Booster Topic Starter Posts: 72

    Yes, but I'm not sure that it is because of BD 2013. Also, my friend doesn't have BD forum login. If you or other Techspot people have BD forum login, please raise this issue. Also, is there any other way to find it what is the cause of this?
     
  6. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    All he has to do is to just sign up for free.

    In this forum all I can do is to check your friend computer if it's clean.
     
  7. vis12345

    vis12345 TS Booster Topic Starter Posts: 72

    Now, he installed BD TS 2015 and poodle tests says "not vulnerable to SSL". The issue is only with BD 2013.
     
  8. Broni

    Broni Malware Annihilator Posts: 52,890   +344

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...