You may have heard news of the “Heartbleed Bug,” as recently reported by the OpenSSL project. Researchers have found a critical defect in versions 1.0.1 and 1.0.2-beta of OpenSSL, the cryptographic software library which is used to protect up to an estimated 75 percent of the Internet’s secure traffic. The bug may allow individuals to read small portions of memory on systems protected by vulnerable versions of the OpenSSL software. For information on this vulnerability, see CVE-2014-0160 on the NIST website and heartbleed.com.
Further, our technology partners confirm that all systems are either not affected or have already been updated as well.
Protection PLUS 5 Native Edition API is affected:
Protection PLUS 5 Native Edition build 22.214.171.124 was recently posted with a patched version of OpenSSL. The updated library “should” be a drop in replacement for the affected versions of PLUSNative library in most cases. There are many other changes in this library that were already scheduled for this release that are also included in 126.96.36.199. Please review the release notes and contact us with any questions.
Existing customers can log into their Customer Portal to download this update. Customers with expired software maintenance can either renew their software maintenance online or contact us for this vulnerability fix.
As with any wide-reaching story, we understand that our customers may have concerns. If you should have any additional questions or concerns, feel free to contact us.
Mike Wozniak is one of the co-founders of SoftwareKey.com and responsible for marketing, content and product strategy. When he isn't plotting new ways to help customers solve licensing and business automation challenges, he likes to travel and entertain guests who come to visit the Orlando area. He also writes most of the licensing tips here.