December 9, 2014 Alex Woodie
IBM i shops that continue to use SSLv3 to encrypt their communications are susceptible to the POODLE security vulnerability and could have their data compromised, IBM warned today in a security bulletin. IBM also issued new security patches that disable SSLv3 in IBM i’s Java runtime. While IBM recommends moving to the newer TLS protocol, many IBM i applications still require SSLv3 and will likely break when it’s disabled, IBM warns.
IBM started patching its various systems against the POODLE vulnerability over a month ago when it became clear that SSLv3 needed to go. Applications patched in November include the