By:


Date:
Apr 17, 2014

Heartbleed Bug- Are You Vulnerable?

Heartbleed2

As a follow up to our recent and immediate action to address the vulnerabilities related to the Heartbleed bug, we wanted to offer our customers and friends an update.

As you aware direct contact with us, our blog posts and media outlets, an exploit in OpenSSL known as “ The Heartbleed Bug” has come to appeared prompting the need to update exploitable software. We here at Codero have already taken proactive steps and sent notifications to our client base that might have been effected by Heartbleed bug. We are glad to say that we have seen a minimal impact with any of our clients services and have assisted clients with patching their servers when the vulnerability was discovered.

Earlier this week, Cloudflare (a DDoS protection service and hosting vendor) was able to prove though community sourced investigation, that private keys can be stolen through this exploit. CloudFlare has recommended that if a server was vulnerable to the Heartbleed bug and has been patched, there is a need to have any SSL certificates reissued and current certs revoked. Taking this action is the best way to prevent any possible security breaches related to the Heartbleed exploit. Our recommendations at Codero align with those from Cloudflare.

For our customers who want to check your server yourself and are comfortable in doing so, you can check your server for vulnerability at the link below:

http://filippo.io/Heartbleed

If you think you may be affected by this vulnerability and have not been contacted by Codero already, please reach out to our support staff.  We are more than happy to assist you in testing and patching of this vulnerability.

Our Support Administrators are available 24/7 @ http://www.codero.com/support/

You can read more about Heartbleed  by clicking on the links below

http://heartbleed.com

http://blog.cloudflare.com/answering-the-critical-question-can-you-get-private-ssl-keys-using-heartbleed

Please feel free to contact your account executive or support tech if you require additional information, they are humbly at your service.

Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedIn

Tags: