Three days ago a public disclosure was made regarding a critical vulnerability on the latest OpenSSL version, which can show to attackers up to 64kb of encrypted information transmitted over SSL. More information can be found here:
As of yesterday, there were still some big websites vulnerable to this exploit. Since then, there’s been a effort from hosting companies, websites and developers to fix this exploit.
IIS is not affected by this vulnerability, so if your website is hosted on a Windows platform, you shouldn’t be concerned. However, almost any server with recent versions of UNIX/Linux servers is likely to be vulnerable. If your website is hosted on a Linux server, you should contact your hosting company or have your web developer check if your site is vulnerable.
Here is a test tool to check whether a given domain remains vulnerable.
Here at CSW Solutions, we have already tested our customer domains with this tool and verified that this bug was fixed.
If you need help with your website or you would like to check if your website is vulnerable, click here.