Skip to Content

Google identifies SSL 3.0 security flaw

Security locks (ZDNet)

Google’s Security Team revealed on Tuesday that the long obsolete, but still all too used, Secure Sockets Layer (SSL) 3.0 cryptographic protocol has a major security flaw.

According to the team’s Bodo Möller: “This vulnerability allows the plaintext of secure connections to be calculated by a network attacker.”

While SSL 3.0 has been succeeded by Transport Layer Security (TLS) 1.0, TLS 1.1, and TLS 1.2, many TLS implementations have continued to be backwards compatible with SSL 3.0 to work with legacy systems for a smoother user experience.

For more information, check out this article posted on ZDNet.com

For information on how to fix the issue, check out this information from ZMAP.io