Skip to main content

Heartbleed

Heartbleed
The security vulnerability known as “Heartbleed” was disclosed on Tuesday, April 8. Since then the “bug” has been in the news all across the globe. IT Departments around the world have been working long hours to identify and update vulnerable systems. Georgia Southern Information Technology Services has been doing the same since Heartbleed was announced. Finding and fixing all vulnerable systems is a world-wide effort. It’s a very technical process that will take some time.

IT Services will update this page with information and links to web pages and articles that will shed more light on Heartbleed, what is happening to fix the problem, and what you can do to patch your own devices.

Personal Mobile Phones and Tablets Support

Please remember that Georgia Southern cannot provide support for your personal smartphone or tablet. This information is provided as a service so that you can take precautions and steps to safeguard your personal information.

Heartbleed News

Here’s a newsletter published by the SANS Institute, a large Information Security organization, with excellent information about what Heartbleed is and how it may affect computer users. Click here to read “OUCH! Heartbleed – Why Do I Care?”.

Click here to read the Q&A article about Heartbleed published on April 16 by IT Services.

Mashable has published a list of major online resources with information concerning how they were affected. Note: Mashable is constantly updating the list.

You’ll see recommendations for changing passwords on the Mashable list. Georgia Southern can’t recommend that you follow or ignore that advice. The best thing to do is to contact individual services or companies to get recommendations as to what you should do.

Georgia Southern requests that you not change your Georgia Southern password until directed to do so by the Office of the CIO of Georgia Southern University.

Android

Google announced on April 9 that most versions of the Android operating system are not affected by the flaw. The company said, however, that one version was affected. Android version 4.1 Jellybean, and more specifically version 4.1.1, is the exception. This version was released in 2012 and is running on 34% of all Android devices according to statistics released by Google.

Here is an article on Yahoo! Tech about Android.

Dan Goodin of arstechnica wrote an article on the arstechnica website about the vulnerability of some Android devices.

Lookout Mobile Security has made its free Heartbleed Security Scanner available in the Google Play Store for use on Android devices to check for vulnerabilities on phones and tablets. Please remember that we want to make you aware of this service to help you determine your vulnerability but we cannot be responsible for any problems that may result from the use of this or any other application. Be sure to read all information regarding the application before downloading it.

Apple iPhone/iPad

Apple has reported that the operating system for iPhones and iPads, iOS, does not use the OpenSSL code that has caused the Heartbleed vulnerability and, as a result, iPhones and iPads are not susceptible to being compromised by Heartbleed.

Gaming

If you are a online gamer, check out this article on what games the Heartbleed bug has affected: http://www.digitaltrends.com/gaming/heartbleed-bug-gaming-services-affected/#!Ea9Tv

Last updated: 4/23/2014