Home → Techniques and Tips → All Products → Heartbleed Bug and Palisade Software
Applies to:
All products
Question:
I've been hearing about this Heartbleed security problem in OpenSSL code. Are @RISK and the other Palisade products vulnerable?
Response:
No. The only Internet operations are Automatic Activation (if you select it) and checking for updates, both of which connect with our server. Our server does not use OpenSSL to support these operations. We have checked with Flexera Software, which provides our licensing software, and they have verified that the modules that we use are clean.
See also:
Heartbleed is listed as CVE-2014-0160 by the U.S. Department of Homeland Security, for example on these pages:
Alert (TA14-098A): OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160) from US-CERT, the United States Computer Emergency Readiness Team, provides a brief introduction and links to several sites including Heartbleed.com.
Vulnerability Summary for CVE-2014-0160 from NIST National Vulnerability Database lists many technical references.
last edited: 2014-05-07