Yesterday OpenSSL released a fix for seven security vulnerabilities, including a serious flaw (CVE-2014-0224) that enables man-in-the-middle (MITM) attacks, potentially allowing the attacker to decrypt and modify traffic from the attacked client and server.
Using our recently honed OpenSSL patch applying skills, we immediately responded with a network-wide update, protecting our servers and all of our clients from these security issues.
To find out more about CVE-2014-0224 vulnerability you can visit this blog post by Masashi Kikuchi, the researcher who discovered the flaw.
It should go without saying that we advise all OpenSSL users to apply the patch as soon as possible.
Vulnerabilities fixed by this security update: