Important information about Heartbleed bug
By Communications Staff
ITServices has taken several steps to ensure the university’s websites have not been impacted by the Heartbleed security bug that has comprised sites around the world.
Heartbleed is a security bug or programming error in many versions of OpenSSL, the software code used to encrypt and protect passwords and other sensitive information. Hackers could exploit the vulnerability to decode and read previously protected sensitive information on compromised websites.
“Queen’s is in a good position because the majority of SSL processing is done by the devices that are not vulnerable to Heartbleed,” says Bo Wandschneider, Associate Vice-Principal (Information Technology Services) and Chief Information Officer. “ITServices has completed several scans and only a few minor problems have been identified on campus, which are being triaged by urgency.”
Community members can run an online test (check “do not show results on the boards”) to see if a website has been affected. If a problem is detected, you are asked to contact the ITServices Support Centre by phone at 613-533-6666 or through the online help form.
More information about Heartbleed is available on a website set up by the researchers who discovered the issue.