Windows Server 2003 and 2008 R2. I am getting a message from my network security folks saying this.
McAfee is currently unaware of a vendor-supplied patch or update (2014-10-24).
The following workaround can be used to mitigate this issue:
Disable SSL 3.0 and/or CBC-mode ciphers in SSLv3.
I have all my ciphers set to '0" but not sure what CBC-mode means? Can some clarify this. The other option is to upgrade to TLS. I sure would like to just disable the ciphers if possible. I am not sure if the TLS works on all browsers.
Can someone please explain disable CBC-mode ciphers and give me direction on how to upgrade to TSL and if there will be folks who's browsers wont' work with TLS?