What Does This Mean for Me?
This unfortunate news has implications on nearly everyone.
Anyone Who Logs Into Secure Websites
Unless you live under a rock, this vulnerability has the potential to affect you. If you have an account on a secure website (financial institutions, social media, email accounts, etc.), you will need to change your password. Do not log onto any website until it’s been updated with a patch.
Use this simple Heartbleed checker tool to find out if a particular site has been updated with a security patch. If you change your password before the site’s been fixed, you’ll need to go back and do it again later.
Also remember, this bug has only affected secure websites (those that begin with https in the URL). While you should make it a practive to frequently update all of your passwords, only those for secure websites are critical at this time.
Many Who Own or Run Secure Websites
If you own or manage a website that has an SSL certificate installed, you need to take this threat seriously. Depending on your site’s software library, you may need to have an appropriate security patch applied first, and then have the certificate re-keyed (in that order). At that time, your own customers—those who own accounts on your website—should be urged to change their passwords.
If you’re an August Ash client with an SSL certificate that AAI manages firsthand, be assured that our team started taking action upon learning of this vulnerability, likely before you even heard the term Heartbleed. We’re happy to say many of our clients were not impacted by this threat. Regardless, we’re already executing a strategic plan to apply updates and fixes as necessary.
We expect further developments on this story as time goes on. Stay in the loop by following our social media accounts, checking our blog frequently, and keeping an eye on trusted tech blogs. As always, we’re here for our August Ash clients. If you have an urgent question or concern, just pick up the phone.