The SSL 3.0 vulnerability referenced in the Security Advisory 3009008 , also known as “Poodle”, has received a significant amount of attention. While the discovered issue is specific to SSL 3.0, many customers are wondering whether this affects Microsoft’s offerings, specifically Microsoft Dynamics online services.
Microsoft Dynamics Online Services Status
Microsoft Dynamics has completed some of our services and is in the process of remediating the following online services for the SSL 3.0 vulnerability.
Recommended Client Side Remediation
It is also highly recommended that you update your browser to disable SSL 3.0 and leverage TLS. Please follow the provided links for more information on how to mitigate within the following browsers
Note In addition to securing your client side browsers, we also recommend that all customers who are using a mobile platform and may be vulnerable, follow the guidance from their mobile operating system provider.
The following resources provide guidance for customers and administrators to ensure clients are utilizing TLS 1.0 or higher and to disable SSL 3.0 proactively.
We want to assure our customers that we take your data and systems’ security seriously and hope that you find this information helpful.
For general information about our approach to security, visit the Microsoft Dynamics CRM Trust Center.
Microsoft Dynamics Service Engineering Team
SSL v3.0 & Microsoft Dynamics
We're always looking for feedback and would like to hear from you. Please head to the Dynamics 365 Community to start a discussion, ask questions, and tell us what you think!