Poodle SSL exploit

[NGN478]

Will a future Anti-Exploit release address the Poodle exploit? I just ran the test mentioned here and it declared my browser vulnerable even though I'm running Anti-Exploit. Thanks.

[pbust]

Welcome to the forum.

 

MBAE is designed to detect and block "Remote Code Execution" vulnerability exploits. Poodle is not a remote code execution exploit but rather a weak encryption protocol which can be decrypted by a man in the middle. The best solution against Poodle is for the website owners to turn off compatibility with SSL and rely only on TLS, as most of them have already. Even if your browser still supports SSL, if you browse Facebook, Google, your bank, etc. you are not vulnerable as they have fixed it already on their end.

 

More information in the MBAE FAQ. Specifically look for questions #4, #5 and #6:

https://forums.malwarebytes.org/index.php?/topic/136424-frequently-asked-questions/

[pkolasa]

Will a future Anti-Exploit release address the Poodle exploit? I just ran the test mentioned here and it declared my browser vulnerable even though I'm running Anti-Exploit. Thanks.

NGN478, as pbust said, it's not MBAE's piece of cake, to pretect against such kind of exploits.

But if you're using Firefox and want to be not vulnerable, you can always install originating from Mozilla extension (SSL Version Control) allowing you to choose minimum version of TLS by a simple drop-down list in Tools --> Addons or change a preference in about:config (security.tls.version.min), setting it to 1. However in most recent Firefox versions (Mozilla said it's gonna be in 34.0) Firefox doesn't support SSLv3 by default. In most recent Chrome versions (I'm using 39.0.2171.36) it is also turned off and Poodle Test gives a "not vulnerable" result.