“Advice in the Wake of Heartbleed”
Middle-Market Legal Toolbox Blog 04/09/14 By Jessica L. Franken
By now, you’ve almost certainly heard of Heartbleed, the major flaw in OpenSSL, a security protocol used by an estimated two-thirds of websites. The Heartbleed security issue has been getting a lot of press, but what does it mean for you?
If your company has a website that uses either the 1.0.1 or 1.0.2-beta releases of OpenSSL, including 1.0.1f and 1.0.2-beta1, your system may be vulnerable. OpenSSL has released a fix, and you should:
- Promptly download the fix from OpenSSL.org and update your system.
- Advise your users that you have implemented the fix and have your users change their passwords as soon as the fix is in place.
Originally published on Middle-Market Legal Toolbox Blog, April 9, 2014