Earlier this week, on April 7th, 2014, news broke that a threat named the Heartbleed bug was discovered by researchers at Codenomicon and Google. The Heartbleed Bug is a serious vulnerability that attacks the heartbeat extension implemented in OpenSSL. This weakness allows the ability to steal information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet.
Given what we know today about the Heartbleed bug, it impacts OpenSSL versions 1.0.1 through 1.0.1f. Datacard Group products, solutions and networks do not run on these OpenSSL versions. We do recommend, however, that financial organizations, government entities and other enterprises assess their broader network infrastructure to determine if there are any other potential vulnerabilities.
Read more about what our Entrust colleagues have to say about it here.