“Heartbleed” OpenSSL Vulnerability Fixed on WebsiteAlive

Updates

On Monday this week, security researchers released details of a security vulnerability in the OpenSSL protocol which potentially allows an attacker to access information from a client or server’s memory (CVE-2014-0160: http://www.openssl.org/news/vulnerabilities.html).

The vulnerability has been fixed in OpenSSL v1.0.1g.

Like most other companies on the Internet, we also use OpenSSL library in our environments and unfortunately were affected with this bug.

Due to the nature of this vulnerability, there is no method to know 100% if you were affected with this issue.

Because of this, we highly recommend changing your passwords within your WebsiteAlive accounts (and any other online passwords you use on other sites for that matter).

We’ve already upgraded all necessary services on our front end and back end which uses the OpenSSL library, so the security hole is closed.

Specifically, we’ve updated our internal software services such as HTTP/VPN and keep a record in order to track progress on the updates from other 3rd-party SaaS services that we are using such as Amazon AWS, SendGrid, and Braintree. We’ve also reissued all SSL certificates in order to protect our customers from possible consequences of this vulnerability.

If you have any questions or need additional details, feel free to contact us at vip@websitealive.com.

No Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Updates
Microsoft Dynamics Integration

  AliveChat Now Integrates with Microsoft Dynamics CRM! *Microsoft Dynamics CRM 365 only   Agents can now: – Search your Microsoft Dynamics CRM during a chat session to see if that person already exists. – Create a new Lead or Account from right within the Operator Console. The chat session …

Updates
A Brand New Interface

NOTE: All WebsiteAlive accounts will be AUTOMATICALLY UPGRADED before 12/31/2013. To test the interfaces, feel free to log into our Preview Demo Account. Also, we can provide you a fully-functional test account for your organization, just contact us at vip@websitealive.com.

Updates
Desktop for Windows Update

We’ve released an update for Desktop for Windows. This entirely new version addresses many issues found in the previous versions of Windows Desktop, such as sounds and pop-ups not working properly.

Bitnami