Original Author: Scott Barlow - Posted October 16th 2014

Reflexion has taken steps to mitigate the recently published POODLE vulnerability. The exploit allows for a man in the middle style attack that could compromise data intended to be sent securely. The flaw exists in an 18 year old piece of code still widely supported called SSLv3.

To safeguard our users we have disabled SSLv3 support in all of our portals. This action primarily affects the Windows XP operating system and internet explorer version 6 and below. These are products that are no longer supported by Microsoft, and no updates will be forthcoming to address this security concern., and as a result we will no longer support web connections from these legacy products. This doesn’t affect email using TLS from any email client. As a result of this we recommend that all partners take actions to close this flaw on their systems as well.

For additional information Please see below or contact our support team:

https://www.us-cert.gov/ncas/alerts/TA14-069A-0

https://access.redhat.com/articles/1232123