sincity Posted April 9, 2014 Share Posted April 9, 2014 http://cdn.mos.techradar.com/art/internet/Google/Google_Heartbleed-470-75.jpgIt's likely to be a long week for IT professionals dealing with the aftermath of Heartbleed, the OpenSSL security flaw discovered earlier this week - but Team Google appears to have a good handle on it for now.The Google Online Security Blog today announced patches to many key Google services affected by Heartbleed, the security bug discovered Monday that potentially allows for theft of data typically protected by SSL/TLS encryption."We've assessed this vulnerability and applied patches to key Google services such as Search, Gmail, YouTube, Wallet, Play, Apps, and App Engine. Google Chrome and Chrome OS are not affected," explained Google Product Manager Matthew O'Connor in a blog post Wednesday.The company's security experts are still working to patch "some other Google services" affected by CVE-2014-0160, the official name for the OpenSSL flaw which has been dubbed "Heartbleed."Android immunityGoogle's security team also made it clear today that the Android operating system is largely immune to Heartbleed, with the exception of Android 4.1.1, although the company is already distributing a patch to partners for that version.Google Cloud Platform and Google Search Appliance customers are also having Heartbleed purged from their services, with an update on the latter expected to arrive within 24 hours for enterprise customers.Security engineers are also currently busy patching Cloud SQL, with fixes expected to roll out Wednesday and Thursday; in the meantime, Google has posted instructions on how to whitelist IP addresses to prevent unknown hosts from accessing them.Although many companies are encouraging users to reset their passwords, security experts recommend waiting until fixes are in place to eradicate the Heartbleed flaw; the status of any domain name can be checked absolutely free from the Qualys SSL Labs website.View a glimpse of the future with our Google Glass review!http://rss.feedsportal.com/c/669/f/415085/s/392df754/sc/15/mf.gifhttp://da.feedsportal.com/r/194479977049/u/49/f/415085/c/669/s/392df754/sc/15/rc/1/rc.imghttp://da.feedsportal.com/r/194479977049/u/49/f/415085/c/669/s/392df754/sc/15/rc/2/rc.imghttp://da.feedsportal.com/r/194479977049/u/49/f/415085/c/669/s/392df754/sc/15/rc/3/rc.imghttp://da.feedsportal.com/r/194479977049/u/49/f/415085/c/669/s/392df754/sc/15/a2.imghttp://pi.feedsportal.com/r/194479977049/u/49/f/415085/c/669/s/392df754/sc/15/a2t.imghttp://feeds.feedburner.com/~r/techradar/software-news/~4/tYyY8W9G904 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.