Did the Heartbleed bug leak your Yahoo password?

Amazingly, the OpenSSL Heartbleed bug appears to have been around for about two years. Which means that – in theory at least – this gaping security hole could have been actively exploited by unauthorised parties for a long period of time.

The Heartbleed bug: serious vulnerability found in OpenSSL cryptographic software library

System administrators, I hope you weren’t planning to have an easy day today?

The potentially disastrous news is that a serious security flaw has been uncovered in versions of OpenSSL’s transport layer security (TLS) protocols.