This new downgrade attack --which doesn't have a fancy name like most cryptography attacks tend to have-- works even against the latest version of the TLS protocol, TLS 1.3, released last spring and considered to be secure.
The new cryptographic attack isn't new, per-se. It's yet another variation of the original Bleichenbacher oracle attack.
The original attack was named after Swiss cryptographer Daniel Bleichenbacher, who in 1998 demonstrated a first practical attack against systems using RSA encryption in concert with the PKCS#1 v1 encoding function.
https://www.zdnet.com/article/new-tls-e ... r-tls-1-3/
So I use Lets Encrypt, does anyone know if they'll update their libraries and Comodo's?