Heartbleed is the latest issue in internet security and it is pretty much serious. Researchers say this is one of the most serious flaw in the history of computer security.
Heartbleed is a flaw in the OpenSSL encryption software library - it is a open source software library for SSL and TLS protocols, to explain simply, this library helps websites securely transfer data such as your login information from your computer to their server. Almost every big websites you use happen to be using this OpenSSL library - Google.com, Facebook.com are few examples.
On April 8, 2014, security researches found this flaw and alerted everyone to take measures to patch this issue in their websites. Many of them are now patched, and asked users to renew their passwords for extra security - if their account was compromised before patching, it was just extra precaution step to keep your identity safe.
Yesterday, Microsoft announced that their services are unaffected by this Heartbleed flaw. Microsoft issued the following statement:
"After a thorough investigation, Microsoft determined that Microsoft Account, Microsoft Azure, Office 365, Yammer and Skype, along with most Microsoft Services, are not impacted by the OpenSSL “Heartbleed” vulnerability. Windows’ implementation of SSL/TLS is also not impacted. A few Services continue to be reviewed and updated with further protections."
To know more about this serious Hearbleed bug, visit heartbleed.com
Source: Microsoft Security Blog via Neowin
No comments :
Post a Comment