Advisory – OpenSSL ‘Heartbleed’ Security Vulnerability

Posted on Apr 10, 2014


Attention AudioSalad Users: please read the following carefully – 

Q – What Happened?

On Monday, the OpenSSL project released an update to address a serious security vulnerability nicknamed “Heartbleed”. This vulnerability impacts the encryption used for internet communications between browsers and webservers and could allow access to decrypted HTTPS traffic.

To put it more simply, one of the most popular systems that encrypts/protects sensitive data like passwords has a major vulnerability.

Q – Is AudioSalad Impacted?

No – AudioSalad Admin, AudioSalad Portal/B2B, and client web sites, digital download stores, API services, blogs using SSL are secure from this vulnerability.

Q – What you should do?

You should check with your system administrator, contract developer or hosting provider immediately to confirm the status of your sites vulnerability to Heartbleed. The administrator should be auditing all services you may use to determine if they are also vulnerable, taking steps to repair any vulnerable services.

Q – Why is AudioSalad Posting this update?

Protecting our clients data and integrity is of the utmost importance to us. We work hard to ensure our infrastructure is fully secured at all times and whilst monitoring vulnerabilities and taking any necessary steps is part of our daily operations, this vulnerability is of a much higher threat level than usual, hence us bringing it to your attention.

Q – I Don’t Understand The Above But I Am Very Worried, What Can I do?

You can read more here: http://heartbleed.com

We will be available tomorrow to answer further questions and concerns surrounding Heartbleed – please email and we will be in touch.