Recently a security vulnerability in SSL 3.0 has become known. This vulnerability, known as POODLE (Padding Oracle On Downgraded Legacy Encryption), allows an attacker to break the security of SSL 3.0 when exploited, thus allowing attacks. WMU servers have been addressed, but this vulnerability can be exploited on individual machines as users browse to sites outside of Western Michigan University. The Office of Information Technology is recommending that all computer users at WMU take the steps below to assure that the browsers they use are secured. If you have questions about this process, please contact your unit IT support person. If you do not have a unit IT support person, please contact the Help Desk.
- Microsoft Internet Explorer
- Mozilla Firefox version 20 or newer
- Mozilla Firefox version 19 or older
- Google Chrome
SSLv3 in Safari has been disabled by an Apple security update, available through the App Store.