SSL Security Advisory

heartbleed

Following recent developments, a security vulnerability has been identified in OpenSSL library.

This is now named “Heartbleed Bug”, and is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

More can be learned on this website – http://heartbleed.com

This means that in theory, where SSL certificates are used, the website passwords might have been obtain by third parties. If your website is not using an SSL certificate, you have nothing to worry about.

Leave a comment