Poodle Vulnerability and Trend Micro products

Trend Micro products and the POODLE Vulnerability – [CVE-2014-3566] SSLv3 Design Vulnerability

- Updated:
- 28 Jan 2016
- Product/Version:
- Deep Security 8.0
- Deep Security 9.0
- Deep Security 9.5
- InterScan Messaging Security Suite 7.1 Linux
- InterScan Messaging Security Suite 7.1 Windows
- InterScan Messaging Security Suite 7.5 Windows
- InterScan Messaging Security Virtual Appliance 8.2
- InterScan Messaging Security Virtual Appliance 8.5
- Platform:
- CentOS 6 32-bit
- CentOS 6 64-bit
- IBM AIX 5.3
- IBM AIX 6.1
- Linux - Red Hat RHEL 5 32-bit
- Linux - Red Hat RHEL 5 64-bit
- Linux - Red Hat RHEL 6 32-bit
- Linux - Red Hat RHEL 6 64-bit
- Linux - SuSE 10
- Linux - SuSE 10 64-bit
- Linux - SuSE 11
- Linux - SuSE 11 64-bit
- N/A N/A
- Ubuntu 10.04 64-bit
- Ubuntu 12.04 64-bit
- VMware ESXi 5.0
- VMware ESXi 5.1
- VMware ESXi 5.5
- VMware vCenter 5.0
- Windows 2003 Enterprise 64-bit
- Windows 2003 Server R2
- Windows 2008 Datacenter 64-bit
- Windows 2008 Enterprise
- Windows 2008 Enterprise 64-bit
- Windows 2008 Server R2
- Windows 2008 Server R2 Datacenter
- Windows 2008 Server R2 with Hyper-V(TM)
- Windows 2012 Enterprise
- Windows 7 32-bit
- Windows 7 64-bit
- Windows 8 32-bit
- Windows 8 64-bit
- Windows Vista 32-bit
- Windows Vista 64-bit
- Windows XP Professional 64-bit
- Windows XP SP2 32-bit
- Windows XP SP3 32-bit

Summary

What is POODLE and SSLv3 Design Vulnerability?

On October 15, 2014, researchers from Google released a paper discussing a serious bug in SSL version 3.0 (SSLv3) that potentially could allow attackers to conduct man-in-the-middle attacks and decrypt traffic between web servers and end users. This vulnerability is more popularly referred to as POODLE (Padding Oracle On Downgraded Legacy Encryption) and has been assigned the following CVE ID: CVE-2014-3566.

Who is impacted by POODLE?

SSL 3.0 is an older encryption protocol that has been around for 15 years. It has been succeeded by TLS (which is now at version 1.2). However, many TLS clients and servers will downgrade to earlier versions of the protocol if one side of the transaction does not support the latest version.

Because several Trend Micro’s products utilize encryption technology, some of these products may be affected by this vulnerability if the original standard is adhered to and the fallback mechanisms are in place. This article will contain the list of products that are affected and the recommended action to take to eliminate the risks as they are identified and corrected.

Details

The most recommended solution at this time is to disable the SSLv3 protocol on clients and servers. The TrendLabs Security Intelligence Blog on POODLEhighlights some methods to do this under the Countermeasures section of the article. However, disabling SSLv3 is not practical for many users and organizations, as many legacy and other products, including some Trend Micro ones may require it or produce unintended results if SSLv3 is disabled without additional steps.

Important: Trend Micro is currently investigating all the products known to use SSLv3 and will periodically update the list below as affected versions are identified and critical patches, fixes, or workarounds are made publicly available.

What Trend Micro products are affected?

Product	Version	Critical Patch / Solution
Deep Security Manager	9.5	Windows 64-bit: http://files.trendmicro.com/products/deepsecurity/en/9.5/Manager-Windows-9.5.2459.x64.exe RedHat 6 64-bit and RedHat 5 64-bit: http://files.trendmicro.com/products/deepsecurity/en/9.5/Manager-Linux-9.5.2459.x64.sh
	9.0 SP1	Windows 64-bit: http://files.trendmicro.com/products/deepsecurity/Manager-Windows-9.0.6803.x64.exe RedHat 6 64-bit and RedHat 5 64- bit: http://files.trendmicro.com/products/deepsecurity/Manager-Linux-9.0.6803.x64.sh
	8.0 SP2	Windows 64-bit: http://files.trendmicro.com/products/deepsecurity/Manager-Windows-8.0.4144.x64.exe Windows 32-bit: http://files.trendmicro.com/products/deepsecurity/Manager-Windows-8.0.4144.i386.exe RedHat 6 64-bit and RedHat 5 64-bit: http://files.trendmicro.com/products/deepsecurity/Manager-Linux-8.0.4144.x64.sh
InterScan Messaging Security Suite (IMSS)	7.1 and 7.5 Windows, 7.1 Linux	To prevent this issue, disable SSL 3.0.
InterScan Messaging Security Virtual Appliance (IMSVA)	8.0, 8.2, 8.5	To prevent this issue, disable SSL 3.0.

What if my product is not listed?

If the product has not reached End-of-Support, it is most likely that Trend Micro is still analyzing the vulnerability and its impact on your product. As soon as the analysis is completed, the product will be added in the list.

What if I have additional questions?

For additional inquiries, contact Technical Support.

Rating:

Category:

Troubleshoot

Solution Id:

1105697

Feedback

Did this article help you?

Thank you for your feedback!

What was the problem with this article?

The image(s) in the article did not display properly.

The article did not provide detailed procedure.

The article is hard to understand and follow.

The video did not play properly.

The article did not resolve my issue.

Others. Please specify.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

Thanks for voting.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

Need More Help?

Trend Micro products and the POODLE Vulnerability – [CVE-2014-3566] SSLv3 Design Vulnerability