Many of you have heard of the Heartbleed Bug security vulnerability that affects OpenSSL cryptographic software library. In simple terms, this bug opens a hole in the HTTPS SSL security protocol which allows stealing of information that you thought was protected.
The only customer facing Winshuttle system that uses OpenSSL is Zendesk, our Help Center Support Portal. Zendesk has made the required changes to their OpenSSL to patch the security hole. Following this change, Winshuttle IT has requested and changed our SSL Certificate to correct any site specific vulnerabilities.
To ensure your valuable information is protected, all Winshuttle Support passwords, both internally and externally, need to be reset. In the next couple of days you’ll receive an email which will provide easy instructions on how to change your Winshuttle Support password. We realize that changing your password is an inconvenience, but it is necessary to ensure your information is protected.
Winshuttle Connect, our license management service, and Winshuttle Central and Workflow, uses a different SSL security library, so is not affected by Heartbleed Bug.
For more information on the Heartbleed bug, please visit http://heartbleed.com/.
Thank you for your patience during this process.
**Update: 4/14/2014 – Due to technical issues at Zendesk, the forced password reset will be delayed. You may change your password now, but the mass reset will force you to change your password again later this week.
Questions or comments about this article?
Tweet @wssupport to continue the conversation!