The poodle bug

What is the Poodle bug

A security vulnerability named Poodle Bug was recently identified in an old version of SSL (SSLv3). This may impact some older browsers, which are unsupported by TaxLab. The Poodle Bug is registered in the Common Vulnerabilities and Exposures system as CVE-2014-3566.

Was TaxLab affected

The Poodle Bug only affects older web browsers that TaxLab does not support. In theory this should mean that you were not impacted as it is unlikely you will have been able to use TaxLab from an older unsupported browser.

Actions we have taken

Any time there is a potential threat to the TaxLab system, we conduct a security review. This includes understanding the threat in detail and its potential impact on the TaxLab system and our users. We have disabled SSLv3 for all users of our tax software to ensure they are not vulnerable to this issue (including our tax provision software, income tax return software and FBT software). This should not impact your use of TaxLab as, again, it only affects older unsupported browsers.

What you should do

Keep your web browser up to date as older browsers are more vulnerable to attacks and bugs.

In general, we remind you that its good practice to regularly change any passwords that you use online. You should also use a different password for each site that you use. In particular, you should regularly change your online email password. You should also enable multi-factor authentication if it is available.

If you would like to know more about TaxLab’s response to the Poodle Bug please contact us any time. We don’t publish all of our security precautions (as this would inherently be a poor security practice). However, we would be happy to discuss some of our security precautions with you and how we mitigate risks.