Storage Made Easy is not affected by the OpenSSL Heartbeat overflow bug

heartbleed copy

We wanted to provide you with an update on the recently published vulnerability for OpenSSL. Please see here for an explanation regarding the vulnerability.

As soon as we were made aware of this vulnerability we immediately scanned our infrastructure to assess the potential risk.

Our analysis showed that we were not at risk to the vulnerability on our own servers nor on the IaaS or on-site cloud appliances as we are not running an affected version of OpenSSL.

Update:

LastPass HeartBleed checking tool is giving false positives. Please use any of the below sites / services that correctly check for HeartBeat vunerability in sites:

https://filippo.io/Heartbleed
https://www.ssllabs.com/ssltest

Update

We have liaises with LastPass who are using a different algorithm to issue warnings and the SME site has been whitelisted.

Facebooktwitterredditpinterestlinkedinmailby feather