"Because a network attacker can cause connection failures, they can trigger the use of SSL 3.0 and then exploit this issue," Google said, in the statement. The immediate fix to the problem will "break some sites, and those sites will need to be updated quickly," Google said.
A Google Inc spokesman said on Tuesday that researchers with the company have uncovered a vulnerability in widely used SSL web encryption technology, finding a bug in the SSL 3.0 protocol.
SSL 3.0 is nearly 15 years old, but it is still widely used, Google said, in a Tuesday evening blog post. Even browsers that use newer protocols will retry failed connections with older protocol versions, including SSL 3.0.
"Because a network attacker can cause connection failures, they can trigger the use of SSL 3.0 and then exploit this issue," Google said, in the statement. The immediate fix to the problem will "break some sites, and those sites will need to be updated quickly."
"In the coming months, we hope to remove support for SSL 3.0 completely from our client products," Google said.
More from CNBC.com
Anda sedang membaca artikel tentang
Google discloses Web encryption vulnerability
Dengan url
https://kesehatanda.blogspot.com/2014/10/google-discloses-web-encryption.html
Anda boleh menyebar luaskannya atau mengcopy paste-nya
Google discloses Web encryption vulnerability
namun jangan lupa untuk meletakkan link
Google discloses Web encryption vulnerability
sebagai sumbernya
0 komentar:
Posting Komentar