Skip to main content

Vendors slow to patch OpenSSL vulnerabilities

posted onJune 30, 2014
by l33tdawg

Several key technology vendors are yet to fully patch against the OpenSSL cryptographic library used to secure networked communications, a leading Australian security researcher has warned.

The Heartbleed vulnerability in OpenSSL, first revealed to the public in April this year, makes it possible for attackers to tap into what was thought to be secure, encrypted communications unnoticed.

After a more thorough audit of the open source crypto library, further vulnerabilities were discovered that could lead to denial of service attacks and arbitrary code execution. The list of products affected by the OpenSSL vulnerabilities is long and deep, ranging from servers to clients, database backup systems and printers; mobile phones, hypervisors - almost any IT product or service conceivable.

Source

Tags

Security SSL

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th