The IBM Integration Middleware and the Heartbleed exploit

Wondering if the IBM Integration Middleware is affected by the Heartbleed exploit? Good news for you! In general the answer is no, but there are exceptions...

According to the official IBM Security Bulletins released so far, Cast Iron version 7.x and two MQ Support Pacs are affected. The recommendation for people who work with any of these tools is to keep watching the IBM Support Portal as well as the IBM Product Security Incident Response Team (PSIRT) for more security bulletin updates.

See the official IBM Security Bulletins for each technology:

Besides the need of reissuing certificates that may have been compromised, there should also be an effort to revoke them. Imagine revoking and reissuing new certificates for 66% of the Internet... The Certificate Authorities might be laughing really loud by now with this unforeseen profit about to enter their books...

No comments:

Post a Comment