The Heartbleed Bug

Saturday, 26 April 2014  |  Posted in: News  |  2min read

As you will most likely have now heard, on 8 April 2014, a vulnerability in the OpenSSL software library was announced. The vulnerability detected affects the OpenSSL encryption software versions 1.0.1 and 1.0.2-beta (CVE-2014-0160) and is known as the Heartbleed bug. The Heartbleed bug potentially allows an attacker to remotely retrieve data held in memory on the weakened system. OpenSSL is open-source software commonly used for securing traffic passing over the internet. Most commonly it is used for encrypting HTTP web traffic.

As a customer of The Digital Embassy, our managed hosting providers have been highly responsive in ensuring the performance and security of our web platforms is being maintained. From the time the article was made public Tuesday 8 April our providers has been actively reviewing and implementing patching on their entire Linux fleet to secure any possible vulnerabilities.

The OpenSSL vulnerability however only affects Apache (Linux) operating systems (or Linux applications on other operating systems). The Digital Embassy does not use OpenSSL. Nor do we use Apache as part of our core network setup. As a Microsoft Certified .NET technology specialist our hosting network infrastructure is built on Microsoft Windows IIS, which is unaffected by the Heartbleed bug.

Now is the time to reassess your overall website security positioning. Our team of experts can perform a website audit against any potential security vulnerabilities as part of OPTiMUM Support Program. Clients using our OPTiMUM Support services will receive an audit of their infrastructure against the Heartbeat Vulnerability at no additional charge.

Let's work together

Want to start a project with us? Let’s discuss your requirements over a coffee at our place! Call us on 1300 375 368

Reset
[contact-form-7 id="120" title="Let's Talk"]
This website uses cookies to improve your experience. By using our website you consent to the use of cookies in accordance with our Privacy Policy
Read More