‘Heartbleed’ OpenSSL vulnerability

There has been widespread media coverage of the Heartbleed OpenSSL IT security vulnerability this week. Although some University systems were affected by the vulnerability, these have been patched and it is not necessary for all University users to change their University password, unless they have used the same password on non-University systems (a practice which is not encouraged!).

If you need to change your password please do so via https://password.reading.ac.uk.

For further information on the need to change passwords as a result of Heartbleed, the Sophos “Naked Security” blog has good advice on this subject :-

http://nakedsecurity.sophos.com/2014/04/10/heartbleed-heartache-should-you-really-change-all-your-passwords-right-away/

As a result, of the Heartbleed vulnerability, the WebVPN system has been urgently updated. Those who use the WebVPN facility for remote access to systems will all be forced to update their client the next time they attempt to connect.

If you are still having concerns regarding Heartbleed or systems security, please contact ITS-Help via the usual channels.

Tags: , , , ,