Each implementation SSL 3.0 has this problem. Security experts recommend system administrators to disable SSL 3.0 and Use TLS 1.1 servers or 1.2.
To test whether the network server using SSL v3, go to Toolbox GeoTrust SSL and type the URL of the server to monitor and click on Check.
https://ssltools.geotrust.com/checker/views/certCheck.jsp
If SSLv3 is enabled your server is at risk
- In this case, to disable SSLv3 you need to execute as Administrator regedit.
- HKEY_LOCAL_MACHINE\SYSTEM\
CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\ - Right click button on the Protocols item and select New> Key --> SSL 3.0 folder.
- Right click button on the item SSL 3.0 folder and create a new key named Client.
- Again, make a click with the right mouse button on the item SSL 3.0 and create the strong name key Server.
- Make click with the right mouse button on the client and select New> DWORD (32-bit) Value.
- Give the name of the DWORD DisabledByDefault. Make a double click on DWORD and enter 1 as Value data and click OK to confirm.
- Repeat the same procedure for the Server entry and assign Enabled as the name of the DWORD. Leave Value Date with the default value set to 0.
- Restart Server
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
"DisabledByDefault"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]
"Enabled"=dword:00000000
For the moment, there are no available patch as the problem is a defect and not due to the implementation of the Protocol.
More details:
https://technet.microsoft.com/en-us/library/security/3009008
http://www.achab.it/blog/index.cfm/2015/1/microsoft-iis-disabilitare-il-protocollo-sslv3-per-poodle.htm
