Blog

Heartbleed OpenSSL issue does NOT affect our partners

 

The Heartbleed OpenSSL flaw discovered this week does NOT affect our partners, clients, and customers using our technology.

While many other public cloud providers (i.e. Rackspace, Joyant, CenturyLink, etc.) were affected by this security vulnerability, the GTS® and Global Focus® platforms that our software run on are powered by Microsoft which was not impacted.

Microsoft does not use OpenSSL to terminate SSL connections. Windows comes with its own encryption component called Secure Channel (a.k.a. SChannel), which is not susceptible to the Heartbleed vulnerability. Windows’ implementation of SSL/TLS was also not impacted. This applies to all Windows operating systems and IIS versions, up to and including IIS 8.5 running on any of the following operating systems:

  • Windows Server 2003 and 2003R2
  • Windows Server 2008
  • Windows Server 2008R2
  • Windows Server 2012
  • Windows Server 2012R2

We also want to assure our users that there is no reason to be concerned about passwords or any sensitive information stored within our software. Your information and data is secure.

For more information please see read Information on Microsoft Azure and Heartbleed and this update from the CERT Division of the Software Engineering Institute

 

Author

Darrell Dewese

Darrell, Chief Technology Officer and co-founder of GradLeaders, began his career in the career services and recruiting industry in 1999 as an applications developer at Resume-Link, and now has total oversight of all aspects related to product development provided by GradLeaders.

To enable comments sign up for a Disqus account and enter your Disqus shortname in the Articulate node settings.