OpenSSL ‘heartbleed’ security issue – Itomic taking action

April 9, 2014

Ross Ross Gerring

A major, global security issue has just come to light in relation to the popular OpenSSL software that is used on Itomic’s website hosting servers and millions of other servers.

You can read all about it here: http://www.bbc.com/news/technology-26935905

It’s not possible to detect whether or not any particular server or site has been exploited or not therefore, as a precaution:

  1. We’ve already updated the OpenSSL software on all our servers to the latest recommended version (i.e. the version where the vulnerability has been closed).
  2. We’re working to re-generate, re-issue, and re-install all SSL certificates used on all our servers. We’ll work as fast as we can, but we estimate this might take up to 24-48 hours.

We understand that actions 1+2 will guarantee the total closure of the vulnerability, and is the correct course of action, even though statistically the chances of our servers being exploited is extremely low.

If you have any questions or concerns, please email support@itomic.com.au.

Thank you.