Advertisement

The Heartbleed bug is affecting routers, too

Read our Heartbleed defense primer? Good, but the fight for your privacy isn't over just yet: you might have to replace your router, too. Cisco Systems and Juniper Networks have announced that the Heartbleed bug -- a flaw in OpenSSL that lets attackers bypass common security protocols -- has been found in their networking products. This news isn't too surprising, as any device using OpenSSL is potentially vulnerable, but checking these devices for the flaw is a laborious process. Naturally, devices that don't use the affected versions of OpenSSL (like Linksys routers) are unaffected. Both firms are investigating their product libraries to compile lists of affected devices. You can find those lists here, here (for Juniper Networks) and here (for Cisco Systems). If one of your devices is listed, sit tight and watch for updates; both companies say they're working on patches.