Microsoft IIS disable SSLv3 protocol for POODLE vulnerability

disablessl3iis01

The POODLE vulnerability is an attack on the SSL 3.0 protocol and it’s a protocol flaw not an implementation issue. Read the Google release post.

Every implementation of SSL 3.0 suffers from it. Security experts are recommending administrators to disable SSL 3.0 on their servers and use TLS 1.1 or 1.2.

 

Check SSL 3.0 usage

To check if your server uses SSL v3, go to GeoTrust SSL Toolbox website and type the URL of the server you want to check and click Check button.

disablessl3iis02

If the result shows SSLv3 is enabled, the server may be affected by POODLE vulnerability.

 

Manual fix

Run Regedit as Administrator and navigate to:

disablessl3iis03

Right click Protocols and select New > Key option.

disablessl3iis04

Name the new key as SSL 3.0.

disablessl3iis05

Now right click SSL 3.0 and create a new key named Client.

disablessl3iis06

Again, right click SSL 3.0 and create the key Server.

disablessl3iis07

Right click Client and select  New > DWORD (32bit) Value option.

disablessl3iis08

Name the DWORD as DisabledByDefault. Double click the DWORD and type 1 as Value data then click OK to confirm.

disablessl3iis09

The DWORD Value Data set to 1.

disablessl3iis10

Repeat same procedure for Server and assign Enabled as a DWORD name. Leave default Value Data set to 0.

disablessl3iis11

Restart the server to complete the procedure.

 

Quick fix

Log into the server with Local Administrator permissions account.

Download disable_ssl3.zip and extract the .reg file.

disablessl3iis12

Double click the .reg file and click Yes to confirm.

disablessl3iis13

The system confirms the keys added to the Registry.

disablessl3iis14

The Registry keys added.

disablessl3iis15

No patches are available so far since it’s a protocol flaw and not an implementation issue.

firma