On April 7th 2014 the Heartbleed bug was reported. This bug exposed vulnerabilities in the OpenSSL library.
According to http://heartbleed.com:
– OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
– OpenSSL 1.0.1g is NOT vulnerable
– OpenSSL 1.0.0 branch is NOT vulnerable
– OpenSSL 0.9.8 branch is NOT vulnerable
Upon reading the announcements, Krescendo carried out immediate verifications on its infrastructure.
Krescendo can confirm that its client services were *not* affected.
This is because Krescendo’s machines are not running the vulnerable versions of OpenSSL.