OpenSSL “Heartbleed” Security Update

The engineering team at Zencoder conducted a review to assess the impact to our system of the CVE-2014-0106 vulnerability, nicknamed “Heartbleed”. This serious vulnerability would allow an attacker to reveal up to 64kB of memory to a connected client or server. Even though many servers running on the internet were exposed, Zencoder public facing servers were not effected.

Some of our internal servers, which are not accessible by customers, were vulnerable. We fixed this vulnerability as of 8:00PM PST on Monday, Apr 7th.

blog comments powered by Disqus