1 min read

Apple Drops SSL 3.0 for Push Notifications due to Poodle Flaw

Lucian Ciolacu

October 23, 2014

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Apple Drops SSL 3.0 for Push Notifications due to Poodle Flaw

Apple is going to drop SSL 3.0 support for their push notification service due to the recently discovered POODLE vulnerability in the SSL protocol, according to Apple’s announcement.

The company is pulling the plug for SSL 3.0 support on Wednesday, October 29, in favor of the newer and more secure Transport Layer Security (TLS) protocol.

“Providers using only SSL 3.0 will need to support TLS as soon as possible to ensure the Apple Push Notification service continues to perform as expected,” the announcement said.

Apple Employees Hacked via Java Plugin Exploit

“To check for compatibility, we have already disabled SSL 3.0 on the Provider Communication interface in the development environment only.”

Applications that already use both SSL and TLS will not be affected by this changes, only those who already use SSL 3.0 will need updates.

Apple`s decision comes just one week after the POODLE vulnerability was disclosed by Google, that if exploited could intercept cookies and allow a session hijack attack or take various credentials such as banking details, network credentials and others.

tags


Author


Lucian Ciolacu

Still the youngest Bitdefender News writer, Lucian is constantly after flash news in the security industry, especially when something is vulnerable or exploited.

View all posts

You might also like

Bookmarks


loader