OpenSSL vulnerability – Heartbleed Bug statement
You might think the Heartbleed bug is already history, but in recent days some of our customers have requested a public announcement due to the unprecedented media profile of this particular security vulnerability.
Whilst the media are (rightly, to an extent) making a lot of noise about this bug and its significance to the Internet population at large, the truth is we as sysadmins haven’t treated this security threat any differently to any other.
There are lots of important security vulnerabilities uncovered which have the potential to give an attacker full access to your server (arguably more serious than this case) – so we patch and workaround security vulnerabilities on an almost daily basis as part of our fully managed service. There is simply no reason or benefit to announce each and every one of these – our customers use our service to stay focused on their business rather than technical details like these.
Our expert technical team are always there in the background, performing server tune-ups to ensure that the configuration is optimal and secure at all times, so that you don’t have to.
If you somehow managed to miss the media coverage and the myriad of announcements and emails in your inbox about the Heartbleed bug, you can find more details regarding this vulnerability alert issued by the OpenSSL group on April 7, 2014: http://heartbleed.com/