How To Protect Yourself From The POODLE Bug



In recent months, security bugs with names such as Heartbleed and Shellshock have been causing problems for millions of computers worldwide.  The latest such bug has been named POODLE, and is the result of a security weakness in an obsolete version of SSL that is still supported by most web browers.

SSL is the technology that encrypts data on confidential web pages such as password entry screens and financial data.  By exploiting the POODLE bug, hackers can gain access to private data, although it's quite difficult to do and attacks are not widespread.

If you're worried about this latest bug, head to for an instant test that will tell you whether your web browser is vulnerable.  If it is, you'll need to disable SSL v3 in your browser.  Details on how to do so can be found at and are easy to follow.



A poodle yesterday

Please rate this article: 

Your rating: None
Average: 3.9 (16 votes)


Is Linux and Firefox on Linux susceptible to the poodle bug?

Thanks for this, very clear and useful.

1. I think some people are confused because you can check both your browser(s) and your ISP/Server: as I understand it, if you can get your browser straight, it doesn't matter about the server – open to correction on this point.

2. Should we not make similar amendments to stop downgrades from TLS1.2 to TLS1.1 and 1.0, as Adam Langley suggests they are also risky, and my version of Firefox shows both as switched on ? (

Rob: Appreciate your many vital PC and software articles. :)

Thank you much!

I went to sslabs - browser vulnerable.
Followed directions or disabling SSL v#.
Relaunched browser. Still vulnerable.

Went to Poodle Test. Not vulnerable.

Removed the disabling command on Chrome.
Went back to Poodle Test. Not vulnerable.

So which is correct?

You have to clear your browser cache between tests or they will not be reliable. Probably using Ctrl-F5 will work as well.

I am confused.

In we see:
"On-line testing tools
Test your browser here:
Test your server here:"

In the second I receive the info that my browser (Chrome) is unsafe.

On the other, that it is safe.

Cheers from Rio,

You have to clear your browser cache between tests or they will not be reliable. Probably using Ctrl-F5 will work as well.


What do you mean, "On the other, that it is safe"? Of the three websites you listed, only one of them can test your browser: That one says your Chrome browser is unsafe; it IS unsafe.

The first URL you list,, is an information page, much like this one. It doesn't test browsers.
The third URL you list, checks websites. It doesn't check browsers either.

So it sounds like you DO need to fix your Chrome browser to make it safe. Go to the website in the article above to learn how to fix Chrome ( Just page down until you find the information.


There are two tests recommended in the site I cited.
The first one is the same given in this article. It syas I am vulnerable.
The other one says I am not.
That's why I got confused.

Thanks for caring.

Thanks Rob! Useful info.