Voxox Not Vulnerable to Heartbleed

Posted by Kevin Hertz on Apr 15, 2014

You've probably heard all the hubbub about "heartbleed," an exploit of the very commonly used openSSL library, which has the potential to leak up to 64k of SSL or TLS encrypted data passed in a heartbeat response. The Voxox IT team has run a full system assessment and is happy to report that we are not susceptible to the exploit.  


The reason we are not susceptible is primarily based on our network design. Voxox does not have any servers running openSSL that are directly accessible from the public internet. Instead, we use SSL concentrators that act as a reverse proxy. We have confirmed with the manufacturer that the version of their system we use is not affected by the heartbleed exploit. 

That all being said, in the interest of good housekeeping, our team is currently patching every server that runs openSSL, even though they are not reachable from outside our network.

For a good list of passwords you should change right now, check out this list being kept up to date by Mashable.