There has been a lot of media attention given to a new computer exploit, nicknamed “Heartbleed”.
Heartbleed is not a security flaw of a business network, or a users workstation, but of a website. Heartbleed is a security flaw discovered in OpenSSL, used by a vast majority of websites on the internet, including Google (including Gmail), Facebook, Instagram, Pinterest, & Yahoo (http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/). Many more effected sites are surfacing every hour, and the ramifications of this security issue will be around for a long time. But, this is a server side issue, and can only be dealt with at the server level. There is no update for a user’s machine to fix this, thus nothing for a user to do but wait.
Most of our clients servers do not have a web interface, and thus are not effected. Microsoft Exchange, including Office 365, Sharepoint, and Remote Desktop Services all use IIS, which uses Microsoft’s SChannel technology, which is not effected (http://blogs.technet.com/b/erezs_iis_blog/archive/2014/04/09/information-about-heartbleed-and-iis.aspx).
As per usual, St. Aubin Technologies is committed to supplying accurate and relevant information to our customers and clients, as well as providing excellent and timely service. If you are a client, and have further questions about the Heartbleed security flaw, please don’t hesitate to call us.