OpenSSL Heartbleed: Are your applications at risk?


The OpenSSL project recently announced a serious security vulnerability in the OpenSSL libraries nicknamed "Heartbleed". The Heartbleed bug is a major vulnerability in the popular OpenSSL software library that compromises the integrity of data secured through SSL.

/n software SSL cryptography is not affected

We have received hundreds of questions from customers, concerned about whether their applications are affected by this bug. Thankfully this vulnerability is limited to applications that use the OpenSSL libraries. Client and server solutions built on top of our /n software SSL cryptography, or those that implement SSL via the Windows cryptographic service provider algorithms, are completely unaffected.

The /n software components do offer a provider model for selecting cryptographic service providers. If you have configured your applications to use the OpenSSL provider, then you should make sure to update the SSL libraries or to switch to another cryptographic service provider.

More information about the Heartbleed vulnerability can be found at http://heartbleed.com/

Additional Security Resources

At /n software we want you to understand that when you purchase one of our products, you are securing a lot more than just a component or library. You are securing the ability to solve a problem at the present, together with assurance that our technology will be supported and maintained in the future.

If you have specific security concerns, please reach out to our support team (support@nsoftware.com) and a member of our team can assist you in making sure that your applications are using the best security technologies for your applications.

We appreciate your feedback. If you have any questions, comments, or suggestions about this article please contact our support team at support@nsoftware.com.