Michael D. Posted April 9, 2014 Report Share Posted April 9, 2014 If you're curious - none of our offerings are vulnerable to the 'heartbleed' exploit. Patches and updates were applied as soon as they were available to resolve the issue. If you're not aware of the issue -> http://heartbleed.com/ Quote Link to comment Share on other sites More sharing options...
djMot Posted April 9, 2014 Report Share Posted April 9, 2014 Yes, I was curious. Thank you for being on top of this! You're always several steps ahead of me, which is as it sholuld be. Quote Link to comment Share on other sites More sharing options...
michaelruge Posted April 9, 2014 Report Share Posted April 9, 2014 Is there anything we need to do to make sure our sites are secured? Do I need to regenerate the primary keys? Thanks for being on top of this thing. Michael Quote Link to comment Share on other sites More sharing options...
Michael D. Posted April 10, 2014 Author Report Share Posted April 10, 2014 Yes, I was curious. Thank you for being on top of this! You're always several steps ahead of me, which is as it sholuld be. We actually had this patched as of the 7th in the morning - we just generally don't announce each and every patch/security fix we apply as it's a constant every-day process. We just posted this thread up due to the overhwelming number of customers asking if we were secured against this bug. Is there anything we need to do to make sure our sites are secured? Do I need to regenerate the primary keys? Thanks for being on top of this thing. MichaelYou can regenerate the key and have the certificate re-issued if you wish but unless you're a large target I doubt you have anything to worry about. For example - if you were FaceBook I would say you definitely need to re-key. If you do thousands upon thousands of dollars worth of transactions via your SSL certificate - then re-keying is probably a good idea. It can't hurt to do it either way - but it can create some work for you. Quote Link to comment Share on other sites More sharing options...
juliebolddogge Posted April 11, 2014 Report Share Posted April 11, 2014 Thanks, Mike and everyone at MDD. Along with everyone else, I really appreciate the proactive announcement - you saved me from googling whether or not our sites were at risk. Quote Link to comment Share on other sites More sharing options...
michaelruge Posted April 11, 2014 Report Share Posted April 11, 2014 We actually had this patched as of the 7th in the morning - we just generally don't announce each and every patch/security fix we apply as it's a constant every-day process. We just posted this thread up due to the overhwelming number of customers asking if we were secured against this bug. You can regenerate the key and have the certificate re-issued if you wish but unless you're a large target I doubt you have anything to worry about. For example - if you were FaceBook I would say you definitely need to re-key. If you do thousands upon thousands of dollars worth of transactions via your SSL certificate - then re-keying is probably a good idea. It can't hurt to do it either way - but it can create some work for you. Thanks, Michael! Glad to know everything was taken care of in a timly manner! Michael Quote Link to comment Share on other sites More sharing options...
vladstafford Posted April 14, 2014 Report Share Posted April 14, 2014 Thanks Quote Link to comment Share on other sites More sharing options...
linkiepoo Posted April 20, 2014 Report Share Posted April 20, 2014 Thank you Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.