Amazingly, the OpenSSL Heartbleed bug appears to have been around for about two years. Which means that - in theory at least - this gaping security hole could have been actively exploited by unauthorised parties for a long period of time.
Tag Archives | CVE-2014-0160
Author: Graham Cluley
System administrators, I hope you weren't planning to have an easy day today?
The potentially disastrous news is that a serious security flaw has been uncovered in versions of OpenSSL’s transport layer security (TLS) protocols.