McAfee releases Heartbleed Checker for concerned consumers
By Digital News Asia April 15, 2014
- Free checker tool for consumers to gauge their susceptibility to Heartbleed bug
- Important to first check if websites have been updated before changing passwords
WITH organisations around the globe already updating their systems to guard against the Heartbleed bug, security solutions firm McAfee has released a free Heartbleed Checker tool for consumers.
The free tool is intended to help consumers easily gauge their susceptibility to the potentially dangerous effects of the Heartbleed bug that has placed millions of Internet users’ personal information at risk.
Gary Davis, vice president of consumer marketing at McAfee, part of Intel Security, said that it’s important that users first check to make sure the websites they frequent are updated before changing their passwords.
“In the wake of confusing information floating around, our tool makes it easy for consumers to quickly access the information they need. Armed with this information, consumers can decide when it is time to change their passwords and regain confidence in a safe websurfing experience,” he said.
Estimated to have affected up to two-thirds of all websites, the Heartbleed bug is a vulnerability in the OpenSSL encryption software that protects usernames, passwords, credit and debit card numbers, and other sensitive user information.
A flaw in the SSL (secure sockets layer) code could allow an attacker to gain access to system memory, which potentially could contain sensitive information or communications.
The Heartbleed bug is being described as the most serious security threat to the Internet to date. In a blog post on the issue, security expert Bruce Schneier called Heartbleed a “catastrophic” vulnerability: "On the scale of 1 to 10, this is an 11."
According to a report by Ars Technica, malicious ‘bot’ software may have been attacking servers with the vulnerability for some time.
In Malaysia, security advisories have been issued to all government agencies, ministries, regulators and banks, with both the Malaysian Communications and Multimedia Commission (MCMC) and Cybersecurity Malaysia monitoring the situation.