This just in from GeoTrust:
GeoTrust is aware of and currently investigatingCVE-2014-3566 SSL v3.0 POODLE vulnerability. This vulnerability affects servers still running SSL 3.0. It centers on cipher block chaining (CBC) encryption implementation and allow attackers with a Man-in-the-Middle (MITM) position to derive the contents of a secure payload based on responses received from requests sent from a compromised browser to a legitimate server.
This is a vulnerability with the SSL protocol; existing SSL and code signing certificates are not affected and do not need to be replaced.
Here are some recommended actions:Disable SSL 3.0 support or disable SSL 3.0 CBC-mode ciphers. You can use SSL Tool Box to detect if SSL 3.0 is enabled on a web server.Implement the proper use of TLS_FALLBACK_SCSV to remediate the forced downgrade issue that is part of the vulnerability.Check for latest news and information atKnowledge Center Article 2185.