The Heartbleed bug, officially referenced as CVE-2014-0160, is already being coined as one of the biggest security threats since the mass adoption of the Internet – affecting millions of websites and services, including credit-card numbers, email accounts and a wide range of online commerce.
Heartbleed is a security bug in the OpenSSL cryptography library, which is widely used to secure Internet sites and applications. The OpenSSL “Heartbleed” vulnerability allows hackers to steal information protected by the SSL/TLS encryption (it provides communication privacy and security on the Internet when it comes to email, web, IM or virtual private networks).
Shortly speaking, Heartbleed shares the memory of a system protected by OpenSSL to anyone on the Internet.
Dr Seggelmann, of Münster in Germany, said the bug which introduced the flaw was “unfortunately” missed by him and a reviewer when it was introduced into the open source OpenSSL encryption protocol over two years ago.
Our team of developers tested the products with Metasploit’s Brand New Heartbleed Scanner Module and guarantee that all Open-E Data Storage Software products are secure. There is no need to update software or change passwords.
CC Image courtesy of xkcd.com
Read more about the OpenSSL “Heartbleed” Vulnerbility: