As you may have heard, a major security vulnerability; dubbed “Heartbleed,” was recently discovered in OpenSSL. OpenSSL enables SSL and TLS encryption, which governs HTTPS—the secure communications between your computer and the servers on the Internet. It is used by about 2/3 of the web servers in the world. This vulnerability was the result of a programming error (or bug) in several versions of OpenSSL.
Due to the scope of this vulnerability and out of an abundance of caution, we are recommending a variety of different actions to protect you on the internet. We are confident that these actions eliminate any further vulnerability associated with Heartbleed.
At its worst, Heartbleed allowed potential access to a private key for an SSL certificate as well as the encrypted communication itself. This basically means that any individual with the knowledge and skills required to exploit this vulnerability, had a window to grab your user names, passwords and any private information you may have accessed with practically any of your online services that utilize the affected versions of the OpenSSL toolkit.
Please remember, Heartbleed is a critical vulnerability. It has affected nearly two-thirds of the Internet and many large Internet companies have been working long hours to update their services to keep customers and visitors safe.
For more detailed information please visit www.Heartbleed.com
