If you’ve watched the news during the past couple days you’ve no doubt heard of the ‘Heartbleed Bug’. In plain English, this means that there is a vulnerability on SOME websites, that require secure login.
Good news! CMSIntelligence is not affected by this vulnerability.
The bad news, a lot of your favourite sites may be at risk. It’s reported that Google, Facebook, Yahoo, GoDaddy and more have been affected by this.
A security update was released on Monday, however, it is up to the administrator of each website to apply the security update.
What can you do?
It’s unclear at this point if changing your passwords immediately is the best idea. We recommend you make a list of websites that require a secure login and check their news page for updates.
During an interview with CTV, the spokesman for the Finnish firm that discovered the vulnerability said:
Until the problem is fixed it’s not a good idea simply because it allows people who are acting in a criminal manner to see the passwords,” he told CTV News Channel on Wednesday. “So you could have exposure again and again and again until the problem is fixed.”
In the meantime, there is a free testing tool available at: http://filippo.io/Heartbleed/
– The CMSIntelligence Team