Wednesday, June 03, 2015
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
HP's Futuristic 'Machine' Computer To Reach Software Developers Next Year
Samsung Licenses ARM's Mali GPUs
New Aquaris E5 HD Ubuntu Edition Smartphone Launches in Spain
Computex: ASUS Showcases Pen Stick PC Powered By A Cherry Trail CPU
Apple Is Recalling Beats Pill XL Speakers
IBM Buys Blue Box to Accelerate Open Hybrid Clouds
Yahoo Gives Advertisers Fraud Verification Tools
Fujifilm and imec Demonstrate Full-color Organic light-emitting diodes With photoresist technology for organic semiconductors
Active Discussions
Copy a protected DVD?
roxio issues with xp pro
How to burn a backup copy of The Frozen Throne
Help make DVDInfoPro better with dvdinfomantis!!!
Copied dvd's say blank in computer only
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > General Computing > OpenSSL...
Last 7 Days News : SU MO TU WE TH FR SA All News

Wednesday, April 09, 2014
OpenSSL Cryptographic Bug Poses Threats User Data


A newly discovered bug in in the popular OpenSSL cryptographic software library has made data on many of the world's major websites vulnerable to theft by hackers.

The so-called "Heartbleed Bug" allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

The vulnerability could enable remote attackers to access sensitive data including passwords and secret keys that can decode traffic as it travels across the Internet.

The U.S. government's Department of Homeland Security has already advised businesses to review their servers to see if they were using vulnerable versions a type of OpenSSL. A fixed OpenSSL has been released and now it has to be deployed.

The bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug.

Status of different versions of the OpenSSL:

- OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
- OpenSSL 1.0.1g is NOT vulnerable
- OpenSSL 1.0.0 branch is NOT vulnerable
- OpenSSL 0.9.8 branch is NOT vulnerable

Security experts estimate that hundreds of thousands of web and email servers around the globe need to be patched as soon as possible to protect them from attack by hackers.

And according to a recent report from the Arstechnica.com web site, Security researcher Mark Loman was able to extract data from Yahoo Mail servers by using a free tool.




Previous
Next
HyperX Releases The FURY Memory Line For Overclockers        All News        New Asus ESC4000 G2S Series HPC GPU Servers For Intel Xeon Processors
Facebook To Show Bigger Ads     General Computing News      Lenovo, Tencent To offer XP Tech support in China

Get RSS feed Easy Print E-Mail this Message

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2015 - All rights reserved -
Privacy policy - Contact Us .