Apple patches OS X to protect against POODLE<article>
<section class="page">
<p>
Apple yesterday issued a security update for OS X Mavericks and Mountain Lion meant to protect Macs against possible POODLE attacks.</p><p>
OS X Yosemite, the upgrade Apple launched Thursday, also included the fix.</p><p>
But testing Safari 7 on a patched Mac running Mavericks—and Safari 8 on Yosemite—resulted in a still-vulnerable report from
poodletest.com, a website created by Johannes Ullrich, dean of research for the SANS Technology Institute and the head of SANS’s Internet Storm Center security arm. Ullrich published the detector so users could find out whether their browsers are at risk.</p><p>
POODLE, for “Padding Oracle On Downgraded Legacy Encryption,” was disclosed earlier this week by a trio of Google security engineers who revealed how a design flaw in SSL (Secure Socket Layer) 3.0 could be exploited by criminals. Those hackers could use POODLE to steal browser session cookies, then use the cookies to impersonate victims at websites where they make online purchases, receive email or store files in cloud services.</p><p class="jumpTag"><a href="/article/2835548/apple-patches-os-x-to-protect-against-poodle.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article>
Source:
Apple patches OS X to protect against POODLE
