There has been a recent flood of questions and concerns relating to the Heartbleed Bug and your vulnerability to the cyber threat. Not everyone is directly affected by the recent threat but it raises the question of who is affected and how to make sure that you’re in the clear for any potential exposures.
Who is affected?
Customers running the OpenSSL project on their server could be affected by the recently discovered vulnerability. The threat has been identified in the OpenSSL project affecting versions 1.0.1 and 1.0.2 (CVE-2014-0160). Clients that are running Linux and are using SSL could be affected by this issue and should upgrade to a patched version as soon as possible. Any services using OpenSSL libraries must be restarted after applying any patch/fix.
Where is the Patch Available?
A patch is available for all major distributions of OpenSSL.
Please refer to the links below to find the appropriate patch for your system.
Caronet is posting this notice to our customers and our readers as a courtesy, so that you may patch potentially affected systems. If you need assistance in applying or updating the OpenSSL libraries, please contact firstname.lastname@example.org.
Are Windows Servers affected by this vulnerability?
No, Windows Systems using standard IIS are not affected by this vulnerability.
Can Caronet assist me with applying this patch/fix?
Yes, if you need support please contact email@example.com.
Is there a place where I can read more information about this vulnerability?
Yes, please visit the links below.
Heartbleed Bug: http://heartbleed.com