Due to the SSLv3 Poodle vulnerability we have decided to redirect all clients accessing our customer site to an info-page that informs them that we no longer supports SSLv3 and that they should upgrader/change settings in their browser.
In the redirect rule we log the UserAgent-string to get some idea as of what users are affected and for some reason we have quite large amount of 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)', that according to www.whatismybrowser.com is Explorer 9 on Windows Vista, that negotiates the session via SSLv3. The large amount of users with the same UA uses TLS, but about 1-2 out of 10 goes with SSLv3.
I have not been able to access any of these clients or get any more information from them so the only thing I have to go with is the UA and I have not been able to find any good intel. on the Internet that could explain this issue... Does anyone have any good idea about what makes some MSIE 9 to use SSLv3 instead of TLS?
My webserver SSL-settings are: