On Wed, Apr 9, 2014 at 10:49 AM, David Lum <[email protected]> wrote: > Are many of you guys affected by this? > https://isc.sans.edu/forums/diary/Patch+Now+OpenSSL+Heartbleed+Vulnerability/17921
Basically speaking: If you think you don't use OpenSSL, you're wrong. :) > Most likely vectors are apparently Linux-based appliances. Including, for example, just about any DVD/Bluray player, "smart" TV, set-top box, SOHO Internet gateway, etc. A lot of "enterprise" gear, too. Or anything iOS or Android or MacOS. Or Windows if you've ever installed third-party software which uses OpenSSL. Granted, an insecure SSL stack in a TV isn't the same exposure as in a corporate VPN gateway, but it's still scary just how much stuff this potentially impacts. -- Ben
