Security vulnerability in OpenSSL

A security vulnerability in OpenSSL, also known as Heartbleed, has been detected. Basefarm has mobilized a response team dealing with the security issues related to this event. 


A security vulnerability in OpenSSL, also known as Heartbleed, has been detected. Basefarm has mobilized a response team dealing with the security issues related to this event. Customers that are exposed for threats are informed and systems are patched and updated. Further post activities will be followed up for customers affected.

Update April 10:

A security vulnerability in OpenSSL was published on April 7 (see text above). With this vulnerability, an attacker is able to remotely dump the memory contents of a process using OpenSSL. This exposes both the content of SSL/TLS encrypted communications, and the associated private keys. This is a major issue as OpenSSL is a critical component of most encrypted Internet services.

Basefarm’s Security Incident Response Team, together with other Basefarm personnel, investigated which of the servers hosted by us were affected, and to what extent. Those services which were managed by Basefarm were then patched and affected customers were notified. This was completed Tuesday afternoon.

In addition, we have written a blog post about this situation.