Can SEP protect computers from CVE-2011-3389 (the vulnerabilities of SSL 3.0 and TLS 1.0 protocols)?
The information about this issue has been published describing a new method to exploit a vulnerability in SSL 3.0 and TLS 1.0, affecting the many operating systems. This vulnerability affects the protocol itself and is not specific to the operating system. This is an information disclosure vulnerability that allows the decryption of encrypted SSL/TLS traffic. This vulnerability primarily impacts HTTPS traffic, since the browser is the primary attack vector, and all web traffic served via HTTPS or mixed content HTTP/HTTPS is affected. Due to this is an issue of the protocol itself, Symantec can't fix or change the protocol by self. Customer may use a higher version of the SSL and TLS protocols instead to avoid this risk. Customer may also contact the relevant vendors for the security patches.