Yet another security flaw scare…but ‘Poodle’ may be false alarm

Hot on the heels of the Shellshock and Heartbleed security bugs that pose great security threats to cyberdata comes a new one: POODLE. This is a gap in security protocols that, like the other recent flaws, is a potential hazard to users who don't take precautions when logging into unidentified networks. However, unlike Heartbleed, the threat from POODLE seems to be relatively minor.

POODLE, which was recently uncovered by Google and stands for Padding Oracle On Download Legacy Equipment, is a vulnerability that allows other servers to trick web browsers into using an outdated security protocol, SSLv3. Once this is employed, the browser becomes easier to exploit.

Because the exploit can happen quietly, it seems like it might be a problem for users of outdated software. But according to PCWorld's Tony Bradley, it's relatively easy to test if a system is under threat. And the attack depends on a few other factors that are not likely to happen.

AS he puts it, "POODLE is a threat, but its bark is worse than its bite. As long as you use operating systems and applications that are patched and updated, and follow basic security best practices such as not connecting to shady sites or servers, and not conducting online banking over an insecure public Wi-Fi network, you should be relatively safe."

Even with this assurance for themselves, enterprises still have to make sure that they are prepared for integrating older applications and plugins with their mobile-friendly mainframes. Though this is a case of older software not being compatible, a modernization project will help your company keep the usable legacy applications.