Posted on by Todd Miner

Apptivo is not affected by recently discovered “Heartbleed Bug” which you may have heard about.

What is the Heartbleed Bug?

On April 7, 2014, security researchers announced a recently-discovered vulnerability called Heartbleed. By exploiting this vulnerability, attackers could access sensitive data, compromising the security of the server and its users.

Apptivo is aware of the Heartbleed Bug (CVE-2014-0160) and has taken steps to evaluate whether there is an impact.

You may be reading media reports that say that all online business websites are vulnerable. We do not believe there is an impact to our Apptivo websites. However, we are working with third party vendors to assess our services and we are protected.

Here’s why we are confident Apptivo websites are not vulnerable

  • The encryption Apptivo uses for load balancers on the website does not use the OpenSSL library that is the source of the vulnerability.
  • Apptivo has never used this version of the OpenSSL library.
  • We have validated that our servers do not use the heartbeat extension.
  • We have taken additional steps, scanning to validate information for each customer.
  • You can verify here whether apptivo or any site you do business with is vulnerable. Heartbleed Vulnerability Verification

Next steps

Apptivo users are encouraged to check other websites they access to confirm if they were affected by the bug. Mashable’s list of common sites & recommended action

  • We will continue to work with our third party providers to determine their processes for assessment.
  • As an added confirmation, we are continuing our assessment on some ancillary reporting and file movement tools.

If you have any concerns or questions, please contact us at support@apptivo.com.

Leave a Reply