HeartBleed bug - All OpenSSL websites may be at risk



You can also just google "heart bleed bug" which is becoming a hot topic across the internet very rapidly.

Basically, what happens is the website sends a "heartbeat" test to the client, and if the client is still there, the client responds, but in that there is a vulnerability with most web servers including Apache and Nginx as well as any other server that uses OpenSSL

Discovered by a security researcher at Google, many websites have already fixed the bug, which simply requires updating OpenSSL

The polls are in, here's what the companies say you should change.


I'd say go ahead and change them all, though.

Wish people would take this breach more seriously :/

Well there's nothing you can really do until ALL of the websites that you frequent have been fixed. If you change your passwords, but they haven't fixed the bleed, it's useless.

If anyone would like it I have the script that exploits the bug.