For those of you who haven't the vulnerability exists in OpenSSL 1.0.1f and older versions and the maintainers released a patch for the flaw on Monday. However, now that the details of the vulnerability are public, researchers have begun digging into it and several tools have been published to test various domains to see whether they’re vulnerable. Some high-profile sites, including Yahoo Mail, Lastpass, the OpenSSL site and the main FBI site have been confirmed to leak certain information via the bug. There also is a proof-of-concept exploit for the flaw posted on Github.
The good news for all of our customers is that we have applied the latest patch on all our servers and all servers are now immune. So your data is like always safe. Enjoy SEOing!
Wednesday, April 9, 2014