Division of Information Technology Services

Information Security Threat - High Risk to Western

April 8, 2014

A vulnerability (denoted 'Heartbleed bug') has been identified that effects some Western web servers. This vulnerability is serious and exploits a popular cryptographic software library known as OpenSSL. This weakness allows stealing of information protected under normal conditions by SSL/TLS encryption used to secure the internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

For more information about the bug go to: http://heartbleed.com/

To resolve this issue please patch all web servers running OpenSSL to the most recent version.

Powered by Cascade ServerPublished on