Heartbleed OpenSSL vulnerability

As you may have heard from news reports (such as http://www.washingtonpost.com/news/morning-mix/wp/2014/04/09/heartbleed-...), a major Internet security vulnerability, known as Heartbleed, was disclosed earlier this week.


IAS Computing has taken the steps necessary to ensure that our systems and information remain secure, including patching vulnerable servers, and blocking exploit attempts on our infrastructure.  We believe that we are no longer at risk for this vulnerability.


Although we do not have any evidence showing that confidential data has been stolen through this vulnerability, the possibility does exist.  Given that the date of origin regarding this flaw remains unknown at this time, information security best practices suggest, and we highly recommend, that all Institute users take this opportunity to change their password.  We feel comfortable with this course of action because our services are no longer vulnerable to this issue.


This vulnerability also affected many servers on the Internet.  It would be similarly worthwhile to look into the protection status of other sites or services on which you may store sensitive or personal information, and follow their recommendations for ensuring security as well.


If you have any questions about this or resetting your password, please contact your helpdesk:


ITG: helpdesk@ias.edu  (609) 734-8044

http://www.itg.ias.edu/category/tags/network-and-Security/accounts


Math: help@math.ias.edu (609) 734-8012

Linux & Mac - https://www.math.ias.edu/computing/faq-detail?faq=21

Windows - https://www.math.ias.edu/computing/faq-detail?faq=43


SNS: help@sns.ias.edu  (609) 734-8030

http://www.sns.ias.edu/computing/changing_passwords