Christopher Lentz | April 11, 2014 10:55 AM
Since Monday, the internet and technology community has been abuzz with talk of the dreaded Heartbleed situation. Though the fix is relatively simple, the damage could already be done in some instances.
As small as it might seem since it is only affecting a single piece of software, the Heartbleed attacks one of the most highly used pieces of software in Linux and Mac operating systems, OpenSSL. OpenSSL is responsible for providing secure socket layer (SSL) protection while browsing e-commerce sites and any other site that might collect your personal information. It also helps deliver secure tunnels in VPN environments that use the OpenSSL application as a back end part of OpenVPN and other VPN software solutions. In the end, most social networks, file sharing services like Dropbox, and any web server running Apache are likely to need password changes. Most banks are saying that password changes are not necessary and that they were not affected.
If you have any system that runs OpenSSL, it is advised to upgrade to the latest version 1.0.1g as soon as possible. After you have completed the upgrade, it is stronly advised to rekey the upgraded servers as well as updating the passwords. These few steps should prevent measures from possible zero day attacks.