Apr 232014

By now, many of you have likely heard of the so-called “Heartbleed” bug in the popular OpenSSL encryption library. Essentially, this vulnerability allows an attacker (either a malicious client – web browser or other local application – accessing a server or a malicious server communicating with a client) to read a small segment of memory on the afflicted machine. This memory may contain sensitive information or it may contain nothing of much use to anyone.

While the vulnerability was apparently in the code for some time, it did not become common knowledge until earlier this month. You should know that we immediately took steps to correct our affected systems, and have continued our analysis of the situation to ensure that all of our publicly-accessible (and publicly-accessing) systems are secure.

We invite you to test our security rating on the well-respected Qualsys SSL Labs site.

We want you to know that we take the privacy and security of your information very seriously, and will continue to monitor and make every effort to maintain the integrity of our systems.

Article Name
Heartbleed bug
How Rosenthal & Rosenthal moved quickly to update our servers to address the Heartbleed bug and OpenSSL vulnerability.

Sorry, the comment form is closed at this time.