A Bug Found in OpenSSLBy Bryan on March 5, 2010 | Vulnerabilities, OpenSSL, severe vulnerability, open-source
A “severe vulnerability” was found in the OpenSSL. Computer researcher's used software encryption package that allows them to rebuild a machine's confidential cryptographic key. The flaw in OpenSSL is important because the open-source package is used to protect sensitive data all over the world.
An independent security researcher Karsten Nohl commented: “Wherever you need to verify the origin of a piece of software or a piece of information, those building blocks come in handy."
There is a good news. According to scientists from University of Michigan, the bug is easily fixed by applying cryptographic sequence to an underlying error-checking algorithm. These random sequences will make the attack impossible.
An OpenSSL official commented that engineers are in a process of patching the flaw. It is also true that scientists are experimenting with the possibility of exploiting the bug using lasers or natural radiation sources.
More Vulnerabilities news
- Shockwave Player update patches 6 flaws
- Fixit: a temporary fix for IE vulnerability
- Java vulnerability raises targeted attacks by cybercriminals
- Huawei investigates critical router vulnerability
- Official: Skype flaw is fixed and IMs are safe to send
- Instagram flaw enables culprits to see private data
- Microsoft XML vulnerability is exploited
- Shocking: 9 out of 10 websites still vulnerable to old attacks
- Mozilla's decision: Firefox is blocked from running unpatched Java plugins
- Facebook still is a wonderland for cybercriminals