Security Statement on OpenSSL “Heartbleed Bug”
Earlier this week a vulnerability with the OpenSSL cryptographic software library was publicly disclosed. This vulnerability is officially being referred to as “CVE-2014-0160” and being widely referred to in the media as the “Heartbleed Bug”. OpenSSL is very widely installed including on many servers here at Rochen. An article in The New York Times estimates that OpenSSL is in use by over two-thirds of websites including by many popular sites such as Facebook and Google. Rochen’s Systems Engineering Group first became aware of the “Heartbleed Bug” early on Tuesday, April 8th and immediately began patching any vulnerable…