Updates to address OpenSSL CVE-2014-0160 (Heartbleed Bug)

Discussion in 'Parallels Remote Application Server' started by owenb1, Apr 16, 2014.

Thread Status:
Not open for further replies.
  1. owenb1

    owenb1 Member

    Messages:
    56
    According to the US Cert Alert (TA14-098A) that was documented on April 8, 2014, this vulnerability in OpenSSL could allow a remote attacker to expose sensitive data, possibly including user authentication credentials and secret keys, through incorrect memory handling in the heartbeat extension.

    Given the severity of the SSL bug, 2X Software strongly recommends that customers install this update as soon as possible. While there haven’t been any credible reports of any criminals using this vulnerability, delaying the installation could leave your data vulnerable to being harvested.

    Download patch for 2X ApplicationServer XG versions 10.6: http://www.2x.com/downloads/builds/applicationserver/10.6.1558

    Download patch for 2X ApplicationServer XG versions 11.0: http://www.2x.com/downloads/builds/applicationserver/11.0.1933
     
    owenb1, Apr 16, 2014
    #1
Thread Status:
Not open for further replies.

Share This Page