chrlshlmn 36 Posted April 23, 2014 Share Posted April 23, 2014 Is Eset impacted by the heartbleed bug?Thank you very much. Link to comment Share on other sites More sharing options...
Arakasi 549 Posted April 23, 2014 Share Posted April 23, 2014 Hi , See these threads here : https://forum.eset.com/topic/2252-heartbleed-and-vulnerble-sites/?hl=heartbleed https://forum.eset.com/topic/2290-bugs-in-heartbleed-detection-scripts/?hl=heartbleed Link to comment Share on other sites More sharing options...
SweX 871 Posted April 23, 2014 Share Posted April 23, 2014 Hi Chris. Short answer.....no it is not. Also see the threads by Arakasi for more information. Link to comment Share on other sites More sharing options...
chrlshlmn 36 Posted April 23, 2014 Author Share Posted April 23, 2014 Thanks to Arakasi and SweX for your response and short answer. Link to comment Share on other sites More sharing options...
ESET Insiders xxJackxx 79 Posted April 25, 2014 ESET Insiders Share Posted April 25, 2014 In my browsing of various forums I have discovered that Kaspersky is in the process of releasing a patch that includes a fix that relates to heartbleed because their product makes use of a vulnerable version of the OpenSSL library libeay32.dll. After discovering this I found that Norton products also contain such components to connect to their own servers. Does/did ESET make use of any of these OpenSSL libraries? I'm sure the risk is small but this has been promoted as a server only problem (maybe an Android problem) but I am coming to find that many other products use that dll on Windows machines including Adobe products and some security suites as mentioned. I'm wondering what the potential scope of this problem actually is. Link to comment Share on other sites More sharing options...
geosoft 18 Posted April 25, 2014 Share Posted April 25, 2014 As far as I know, ESET makes use of the certificate store within Windows to manage/detect SSL traffic, therefore wouldn't be affected to heartbleed. Link to comment Share on other sites More sharing options...
ESET Insiders xxJackxx 79 Posted April 25, 2014 ESET Insiders Share Posted April 25, 2014 As far as I know, ESET makes use of the certificate store within Windows to manage/detect SSL traffic, therefore wouldn't be affected to heartbleed. Sounds good. Is there a staff member that can verify this? Link to comment Share on other sites More sharing options...
SweX 871 Posted April 30, 2014 Share Posted April 30, 2014 (edited) As far as I know, ESET makes use of the certificate store within Windows to manage/detect SSL traffic, therefore wouldn't be affected to heartbleed. Sounds good. Is there a staff member that can verify this? Bump. I'm sure there are more users that are wondering about this. Edited April 30, 2014 by SweX Link to comment Share on other sites More sharing options...
Recommended Posts