This week, researchers at Google found a flaw in SSL 3.0 which they have dubbed POODLE. It is listed as CVE-2014-3556. To read more about this vulnerability and how it could be exploited, click here: http://googleonlinesecurity.blogspot.ca/2014/10/this-poodle-bites-exploiting-ssl-30.html
Given the methods described in the white paper for an attack surface, and given the software we run at OpenDNS, we have decided to simply disable SSLv3 in favor of TLS on all production and nonproduction systems. These changes have already been made without any interruption.
For our customers: no update or action is required for any client software, including but not limited to the Umbrella Roaming Client, Umbrella Virtual Appliances or the iOS Mobile solution.
The only possible impact will be for people using extremely old browsers and operating systems which we have determined to be a less than 0.01% of our user base.