The OpenSSL Heartbleed security bug has been all over the internet recently spreading panic to service providers as they rush to apply a fix.
This recent bug has got it’s name from the heartbeat extension for OpenSSL in which the fault occurs. OpenSSL is security software located on servers and operating systems that is used to protect data transactions that go back and forth over an internet connection. This recent bug has left security wide open and has allowed the potential for attackers to eavesdrop on communications and steal valuable data directly from users and service providers. It has also allowed attackers to impersonate a service provider and gain user data from oblivious users.
Ken Munro from Pen Trest Partners said “It’s the biggest thing I’ve seen in security since the discovery of SQL injection”. To gain perspective on this statement you just have to look at the stats provided from Netcraft – around 500,000 service providers are using variations of the affected software on their secure servers. Many companies have taken their services offline until they can rectify the problem, however some have managed to fix the security flaw with a swift server update which has been available from the 7th of April.
Thankfully our aWorkbook users do not have to worry as we have updated our servers and we will be continuing to provide our services as normal. If you have IT specialists within your company, make sure to share this information to them to help prevent any potential security leaks.