Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Security Manager's Journal: Dealing with the heartburn of Heartbleed

Mathias Thurman | May 20, 2014
Our manager scrambles to find and fix any vulnerable resources after the OpenSSL flaw is discovered.

What we have found out so far has been interesting, and at times alarming. Many of our network and security vendors have issued statements regarding vulnerable infrastructure we use, and some have already issued patches. Other vendors are still assessing the situation. Scans of our internal infrastructure yielded quite a number of servers that are vulnerable. Interestingly, we discovered that more than 300 resources that run Windows Server are vulnerable. That had us scratching our heads until we realized that it was the Integrated Lights Out board, used for remote server management, that was vulnerable. We are working with the vendor to obtain a patch.

We also discovered some 40 vulnerable servers on our PC network. This was traced to users who were running vulnerable virtual machines on their PCs.

The work continues, and I will provide status reports to our executive staff on a weekly basis until all issues have been remediated.

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.