Yikes! Kind of scary. Good thing the update is already available. I highly recommend patching your OpenSSL if you’re running it.
For those unwilling to read the article, the long and short of it is that with vulnerable OpenSSL, a lot of traffic on the web that is ‘encrypted’ is capable of being decrypted.
Those usernames, passwords, credit card details, your emails, all of it.
So I hope all you admins out there are keeping an eye open.
I’ll be updating today.
—
Heartbleed Bug original article
Crypto Bug in Open SSL Arstechnica article
