WP eCommerce & POODLE

An Internet security vulnerability called “POODLE” was recently discovered. The vulnerability impacts the SSL 3.0 protocol.

The vulnerability allows a cyber criminal to gain access to connections considered secure via a widespread (but 15-year-old) technology.

 

Google’s security team described the vulnerability and offered a near and long-term solution for their users.  They also recommended how the rest of the Internet should respond.

 

Nearly all Internet browsers support SSL 3.0. Though most companies doing business on the Internet have adopted its successor, Transport Layer Security or TLS, older browsers and some legacy Internet experiences leverage SSL 3.0 to maintain secure connections. Some modern browsers will “fall back” to SSL 3.0 under certain circumstances. TLS_FALLBACK_SCSV.

For the record WP eCommerce is not affected by the POODLE vulnerability.

However, in the interest of being thorough we have reviewed our software and our own site to ensured that all connections leverage this option as appropriate.

Absolutely no evidence that our software or systems have been compromised.

We pledge to let you know if we discover anything else. For now, thank you for continuing to trust, If you have concerns, don’t hesitate to reach out.

 

We appreciate your patience and understanding as we work to better serve you and keep you safe.