Palo Alto Networks (NYSE: PANW) said it provides protection from the Heartbleed bug (vulnerability CVE-2014-0160) for its enterprise customers.
According to the US Cert Alert (TA14-098A) that was documented on April 8, 2014, this vulnerability in OpenSSL could allow a remote attacker to expose sensitive data, possibly including user authentication credentials and secret keys, through incorrect memory handling in the heartbeat extension.
The Heartbleed bug is associated with a critical vulnerability in OpenSSL that was recently disclosed that affects servers running OpenSSL 1.0.1 through 1.0.1f, estimated at “over 17 percent of SSL web servers which use certificates issued by trusted certificate authorities.” At worst, the vulnerability can lead to compromise of nearly the total contents of any server running affected versions of OpenSSL-enabled application, including internal services.
Palo Alto Networks is leading a new era in cybersecurity by protecting thousands of enterprise, government, and service provider networks from cyber threats. Find out more at www.paloaltonetworks.com.