a nasty sounding thing - The Heartbleed Bug

posted by Alex Hens
10 April 2014

You may have heard about a vulnerability that's been discovered with some sites that use SSL certificates. It was quite big news yesterday (Wednesday 9th April) - and if you haven't heard of the Heartbleed Bug then you can read all about it here or here.

I just thought it may be helpful to assuage the fears of any clients of ours that this has already been dealt with on HARBOUR installs. 

We became aware of it, along with the wider development community, in the early hours of Tuesday morning. By lunchtime we'd assessed all installs and discovered that it only affected two client sites. As we prepared the servers for implementing the security patch (they were both on standalone installs and so it was indeed only they who might be affected) we contacted them and conveyed that there was a possibility they may witness some slowing and even potentially a little down time to their service as a result of the work we were having to undertake, and whilst this was certainly not ideal we felt that this was a suitably critical issue to warrant such disruption. The client's agreed and notified their user communities.

End result is that there was no down time and before the end of the day both sites were updated and working fine. We work hard to ensure our clients' data security and part of that is staying on top of global issues as they're discovered and acted swiftly on - often these are small issues that we don't make a song and dance about, this one just became very public so we thought we'd mention it. 

If you have any questions at all about this then please don't hesitate to get in touch with your Account Manager or our ever helpful support team.

BTW - this is how the Heartbleed Bug works in simple terms (courtesy of http://xkcd.com/):

Categories: HARBOUR | Security |