Amazingly, the OpenSSL Heartbleed bug appears to have been around for about two years. Which means that - in theory at least - this gaping security hole could have been actively exploited by unauthorised parties for a long period of time.
Tag Archives | CVE-2014-0160
Graham Cluley | April 8, 2014 12:54 am | Filed under: Data loss, Encryption, Privacy, Vulnerability 9
System administrators, I hope you weren't planning to have an easy day today?
The potentially disastrous news is that a serious security flaw has been uncovered in versions of OpenSSL’s transport layer security (TLS) protocols.