Symantec Encryption products Vulnerability to “POODLE” (CVE-2014-3566)

Article ID: 161341

Products

Endpoint Encryption

Issue/Introduction

Are Symantec Encryption products vulnerable to the “POODLE” vulnerability (CVE-2014-3566)? None of the Symantec Encryption products are vulnerable, but Symantec Endpoint Encryption servers can potentially be affected by the “POODLE” vulnerability.

None of the client products are vulnerable, including Endpoint Encryption with Drive Encryption functionality or Removable Encryption functionality, SEE Full Disk, SEE Removable Storage, and SEE Device Control. For more information about the POODLE vulnerability, see http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566.

Resolution

Important Note: It is advisable to always be on the latest version of Symantec Endpoint Encryption. SEE 11.2.0 and above no longer use TLS 1.0 or SSL v3.0. For the current version of Symantec Endpoint Encryption, see article: 156303

If TLSv1 is disabled on the Endpoint Encryption Management Server, then client/server communications use the next secure protocol, which would be SSL v3.0. As this is the version that is currently vulnerable, it is recommended to disable SSL v3.0 on the server.

https://technet.microsoft.com/en-us/library/security/3009008.aspx

Disable SSL 3.0 in Windows

To disable SSL v3.0 protocol on Microsoft Windows:

  1. Click Start > Run, type regedt32 or regedit, and click OK.
     
  2. In the Registry Editor, locate the following registry key:

    HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server

    Note: If the complete registry key path does not exist, create it by expanding the available keys and using Edit > New > Key to create a new key.
     
  3. Select Edit > Add Value.
     
  4. In the Data Type list, click DWORD.
     
  5. In the Value Name box, type Enabled, and click OK.

    Note: If this value is present, double-click the value to edit its current value.
     
  6. Type 00000000 in Binary Editor to set the value of the new key equal to "0".
     
  7. Click OK. When prompted, restart your computer.
     

Note: This workaround disables SSL v3.0 for all server software installed on a system, including IIS.

Note: After applying this workaround, clients that rely only on SSL v3.0 will not be able to communicate with the server.
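
The Registry Editor steps above can also be applied and verified from a script. The following PowerShell is an added example, not part of the original article or of any Symantec tooling; it assumes an elevated PowerShell session on the server and uses only built-in cmdlets.

```powershell
# Added example: scripted equivalent of steps 1-7 above.
# Sets Enabled (DWORD) = 0 under the SCHANNEL "SSL 3.0\Server" key and
# reads the value back to confirm the change.

$key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server'
$name = 'Enabled'

# Writing under HKLM requires administrative rights; stop early if not elevated.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script from an elevated PowerShell session.'
}

# Step 2 note: create the key path if it does not exist yet.
# (Guarded by Test-Path so an existing key and its values are left untouched.)
if (-not (Test-Path -Path $key)) {
    New-Item -Path $key -Force | Out-Null
}

# Record the current state so the change can be audited or rolled back.
$before = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name
if ($null -eq $before) { $beforeText = '(not set)' } else { $beforeText = $before }

# Steps 3-6: create the DWORD value, or overwrite it if already present.
New-ItemProperty -Path $key -Name $name -PropertyType DWord -Value 0 -Force | Out-Null

# Read the value back and fail loudly if it did not take effect.
$after = (Get-ItemProperty -Path $key -Name $name).$name
if ($after -ne 0) {
    throw "Expected $name = 0 under '$key' but found '$after'."
}

Write-Output "SSL 3.0 (Server) $name : $beforeText -> $after"
Write-Output 'Restart the computer for the change to take effect (step 7).'
```

The script does not reboot the server; schedule the restart yourself, since the setting affects all server software on the system, including IIS.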