OpenSSL vulnerability
What is “Heartbleed”
A serious and widespread vulnerability, nicknamed "Heartbleed", has recently been identified in OpenSSL. It is estimated to affect up to two thirds of all websites and web-related services, so many business and consumer web services are affected.
Risks
The risk is that any information you have submitted to or via an affected website, even over a "secure" HTTPS connection, may not have been secure and could have been compromised (passwords, credit card numbers, etc.).
Recommended action
Verify that the web services you use are either not affected or have already been patched. For any affected service, change your password as soon as the provider confirms it has been patched (a password changed before the fix is applied can be stolen the same way), and monitor credit card activity where applicable.
EXPERT CARE MANAGED SERVICES CLIENTS: If your business is under an Intellect IT Expert Care Managed Services contract, your managed infrastructure is being assessed and updates will be applied where necessary. No further action is required from you.
TIME & MATERIALS CLIENTS: Our vulnerability assessment services are designed to swiftly identify system vulnerabilities across your network environment so that no stone is left unturned. Contact us on 1300 799 165 or your account manager for further information.
Technical details
The vulnerability is in OpenSSL, an open source cryptography library used by millions of websites and web-related services, and by network equipment such as firewalls, switches, routers and servers. The flaw is in OpenSSL's implementation of the TLS heartbeat extension (CVE-2014-0160, affecting OpenSSL 1.0.1 through 1.0.1f; fixed in 1.0.1g). A heartbeat request carries a length field stating how many bytes the server should echo back, and vulnerable versions copy that many bytes into the reply without checking the figure against the size of the request actually received. An attacker can therefore read up to 64 KB of the server's memory per request, as often as they like, and nothing appears in the server's ordinary logs.
That memory can contain the plaintext of data being exchanged inside the SSL/TLS (HTTPS) session, and in some cases the system's private key. With the private key an attacker can decrypt recorded past sessions, unless those sessions used a forward-secrecy cipher suite (ephemeral Diffie-Hellman key exchange), in which case the recorded traffic stays protected. Information at risk includes, but is not limited to, user names, passwords and financial information: essentially any piece of information sent to or received from an affected system.
Because the attacker may also obtain the private key, they are able to impersonate the vulnerable system to unsuspecting users. Such attacks are called man-in-the-middle attacks and are a common method of stealing bank and financial details. The window of vulnerability stays open until the administrators of a vulnerable system update OpenSSL, generate new private keys, have their SSL certificates reissued on the new keys and revoke the old certificates; reissuing a certificate on the same key does not help, since it is the key that was exposed. Only then is it worthwhile for users to change their passwords.
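The following C program is an added example, not OpenSSL's own code, that models the heartbeat message and the missing length check described above. It places a received heartbeat record in a simulated block of process memory, followed by constructed data belonging to another session (the "other_session" string, an assumption for the demo), and runs the same request through two handlers: one with the vulnerable logic (the length field is trusted) and one with the fixed logic (the claimed length must fit inside the record that was actually received). The buffer sizes, the 200-byte claimed length and the helper names are all the example's own choices.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST  1
#define HB_RESPONSE 2
#define HB_PADDING  16          /* RFC 6520: at least 16 bytes of padding */
#define RECORD_MAX  64

/* Simulated process memory (constructed for this demo): the incoming record is
 * placed at offset 0 and data from another session is placed right after it. */
static unsigned char proc_mem[4096];
static const char other_session[] = "user=alice&password=hunter2&card=4111111111111111";
static unsigned char last_resp[sizeof proc_mem + 32];

/* Copy a received record into simulated memory, followed by the other session's data. */
static void load_memory(const unsigned char *record, size_t record_len) {
    memset(proc_mem, 0, sizeof proc_mem);
    memcpy(proc_mem, record, record_len);
    memcpy(proc_mem + record_len, other_session, sizeof other_session - 1);
}

/* Build a heartbeat request: type(1) | payload_length(2) | payload | padding(16).
 * The length field is set to claimed_len, which may exceed what is actually sent. */
size_t build_heartbeat(unsigned char *out, size_t out_size, uint16_t claimed_len,
                       const unsigned char *payload, size_t sent_len) {
    size_t total = 1 + 2 + sent_len + HB_PADDING;
    if (total > out_size) return 0;
    out[0] = HB_REQUEST;
    out[1] = (unsigned char)(claimed_len >> 8);
    out[2] = (unsigned char)(claimed_len & 0xff);
    memcpy(out + 3, payload, sent_len);
    memset(out + 3 + sent_len, 0, HB_PADDING);
    return total;
}

/* Vulnerable handler (pre-1.0.1g logic): trusts the payload_length field and
 * never compares it to rec_len, so the memcpy reads past the end of the record. */
size_t heartbeat_vulnerable(const unsigned char *rec, size_t rec_len,
                            unsigned char *resp, size_t resp_size) {
    (void)rec_len;                                    /* the bug: never consulted */
    if (rec[0] != HB_REQUEST) return 0;
    uint16_t payload = (uint16_t)((rec[1] << 8) | rec[2]);
    size_t n = 1 + 2 + (size_t)payload + HB_PADDING;
    /* Demo-only guards keep the over-read inside proc_mem; real OpenSSL had none. */
    if (n > resp_size || 3 + (size_t)payload > sizeof proc_mem) return 0;
    resp[0] = HB_RESPONSE;
    resp[1] = rec[1];
    resp[2] = rec[2];
    memcpy(resp + 3, rec + 3, payload);               /* over-read happens here */
    memset(resp + 3 + payload, 0, HB_PADDING);
    return n;
}

/* Fixed handler (1.0.1g logic): rejects any request whose claimed payload does
 * not fit inside the record that was actually received. */
size_t heartbeat_fixed(const unsigned char *rec, size_t rec_len,
                       unsigned char *resp, size_t resp_size) {
    if (rec_len < 1 + 2 + HB_PADDING) return 0;       /* too short to be valid */
    if (rec[0] != HB_REQUEST) return 0;
    uint16_t payload = (uint16_t)((rec[1] << 8) | rec[2]);
    if (1 + 2 + (size_t)payload + HB_PADDING > rec_len) return 0;  /* the fix */
    size_t n = 1 + 2 + (size_t)payload + HB_PADDING;
    if (n > resp_size) return 0;
    resp[0] = HB_RESPONSE;
    resp[1] = rec[1];
    resp[2] = rec[2];
    memcpy(resp + 3, rec + 3, payload);
    memset(resp + 3 + payload, 0, HB_PADDING);
    return n;
}

typedef size_t (*hb_handler)(const unsigned char *, size_t, unsigned char *, size_t);

/* Byte-string search (memmem is not portable). */
int contains(const unsigned char *buf, size_t n, const char *needle) {
    size_t m = strlen(needle);
    for (size_t i = 0; i + m <= n; i++)
        if (memcmp(buf + i, needle, m) == 0) return 1;
    return 0;
}

/* Send a request claiming 200 payload bytes while sending only 2. Returns the
 * response length (0 = rejected) and leaves the response in last_resp. */
size_t send_malicious(hb_handler h) {
    unsigned char rec[RECORD_MAX];
    size_t rl = build_heartbeat(rec, sizeof rec, 200, (const unsigned char *)"hi", 2);
    load_memory(rec, rl);
    return h(proc_mem, rl, last_resp, sizeof last_resp);
}

/* Did the response of the last send_malicious() carry the other session's password? */
int last_response_leaked(size_t n) { return contains(last_resp, n, "hunter2"); }

/* Send an honest 2-byte heartbeat; returns 1 if exactly that payload is echoed back. */
int send_honest(hb_handler h) {
    unsigned char rec[RECORD_MAX];
    size_t rl = build_heartbeat(rec, sizeof rec, 2, (const unsigned char *)"hi", 2);
    load_memory(rec, rl);
    size_t n = h(proc_mem, rl, last_resp, sizeof last_resp);
    return n == rl && memcmp(last_resp + 3, "hi", 2) == 0 && !contains(last_resp, n, "hunter2");
}

int main(void) {
    size_t n = send_malicious(heartbeat_vulnerable);
    printf("vulnerable: %zu-byte reply, password leaked: %s\n", n, last_response_leaked(n) ? "yes" : "no");
    n = send_malicious(heartbeat_fixed);
    printf("fixed: %zu-byte reply (0 = rejected)\n", n);
    printf("fixed still answers an honest heartbeat: %s\n", send_honest(heartbeat_fixed) ? "yes" : "no");
    return 0;
}
```

The vulnerable handler returns a 219-byte reply containing the other session's password even though only 21 bytes were received; the fixed handler discards the same request silently and still answers the honest one. In real OpenSSL the bytes past the record came from whatever the process had freed or allocated nearby, which is why private keys, session cookies and form data were all recoverable.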
Affected systems
The vulnerability had existed for about two years (it was introduced in OpenSSL 1.0.1, released in March 2012) but was only publicly disclosed in the last week. Since then a number of service providers and vendors have already remedied their systems or are in the process of doing so.
Software/hardware
The following list covers commonly used software and server systems and their vulnerability status; for an up-to-date list please see cert.org:
AFFECTED
NOT AFFECTED
Online services
The following list covers commonly used online systems and services and their vulnerability status. Please review your own list of services, confirm the vulnerability status with each provider, and if in doubt change your passwords.
AFFECTED
NOT AFFECTED