Security Advice – OpenSSL Heartbleed Bug

bleedheartOpenSSL Heartbleed Bug – Informational purposes only. No action is required.

We wish to advise that we are aware of the security vulnerability and every web server that we manage has been patched. Hence, your website is NOT at risk.

We’ve been contacted by several customers asking about the recently discovered vulnerability in “OpenSSL 1.0.1f”. The vulnerability is known as the Heartbleed bug. It has been discovered by security experts and it is thought to affect up to 500,000 web servers worldwide. The vulnerability is receiving global news coverage. Technology companies and software providers like ZenCart are advising website owners to contact their web hosting providers.

The vulnerability allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for website, email and FTP applications. The vulnerability is known as CVE-2014-0160 and detailed information is available on the CVE website http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 and also http://heartbleed.com/

Please do not hesitate to contact our support team if you have any questions or concerns.