Will Heartbleed affect my product?

Will Heartbleed affect my product?

Friday 11/04/14, Dublin, Ireland.

The Heartbleed vulnerability in OpenSSL (CVE-2014-0160) has received a significant amount of attention over the last few days. While the discovered issue is specific to OpenSSL, we would like to give reassurances to our customers that we have been working to eliminate susceptibility on all our products.

Recent code releases for some of our routers incorporated OpenSSL 1.0.1 and are vulnerable to the Heartbleed exploit.

For hardware products that are currently vulnerable (see list below), Virtual Access has upgraded the main trunk (from which all versions of OpenSSL come) to OpenSSL 1.0.1g. As new software releases are created from today, they will all have this fix.

Our support teams are in touch with customers using their own branch, as they will need a specific release for their product.

No action is required for products that are currently not vulnerable.

Below is a list of products and information on vulnerabilities for each range.

Not Vulnerable

  • GW2010 Series
  • GW2040 Series
  • GW4000 Series
  • GW5000 Series
  • GW6100 Series
  • GW6500 Series
  • GW6700 Series
  • GW6800 Series
  • GW7000 Series
  • GW7100 Series
  • GW7200 Series
  • GW7800 Series
  • GW8000 Series
  • GW9000 Series
  • AOS
  • AOS RAS
  • Activator
  • Monitor
  • AB Switch

________________

Vulnerable

  • GW2020 Series
  • GW6600 Series
  • GW7300 Series

_________________

For more information on software versions and versions on OpenSSL on your router model, please contact Virtual Access customer support:

UK: 0870 850 2937

Ireland: 01 604 1842

International: +353 1 604 1842

Further information on Heartbleed bug:

http://blogs.technet.com/b/erezs_iis_blog/archive/2014/04/09/information-about-heartbleed-and-iis.aspx

http://www.siliconrepublic.com/enterprise/item/36438-a-heartbleeda-bug-expose?