Heartbleed Bug shocked thousand of web servers and administrators across the globe overnight after this serious vulnerability was revealed yesterday. This flaw allows stealing of protected information by means of SSL/TLS connections. Most affected companies and web administrators released patch overnight as security measure from Heartbleed Bug.
You can download and view a simple Heartbleed Bug infographic below to give you quick information about this serious OpenSSL vulnerability. You may refer to Yahoo post about heartbleed bug for more details.
Further information can be acquired from Heartbleed.com
Affected OpenSSL versions are: 1.0.0 through 1.0.1f
The quick solution: If you’re a website administrator and can't upgrade to the newest version, then you can manually disable the heartbeat function and then recompile OpenSSL’s code.
-DOPENSSL_NO_HEARTBEATS
No comments:
Post a Comment