/n software - Special Security Update [Q1 2014]

Are your applications at risk?

OpenSSL Heartbleed Security Vulnerability

On Monday, the OpenSSL project announced a serious security vulnerability in the OpenSSL libraries nicknamed "Heartbleed". The Heartbleed bug is a major vulnerability in the popular OpenSSL software library that compromises the integrity of data secured through SSL.

/n software SSL cryptography is not affected

We have received hundreds of questions from customers, concerned about whether their applications are affected by this bug. Thankfully this vulnerability is limited to applications that use the OpenSSL libraries. Client and server solutions built on top of our /n software SSL cryptography, or those that implement SSL via the Windows cryptographic service provider algorithms, are completely unaffected.

The /n software components do offer a provider model for selecting cryptographic service providers. If you have configured your applications to use the OpenSSL provider, then you should make sure to update the SSL libraries or to switch to another cryptographic service provider.

More information about the Heartbleed vulnerability can be found at http://heartbleed.com/

Additional Security Resources

At /n software we want you to understand that when you purchase one of our products, you are securing a lot more than just a component or library. You are securing the ability to solve a problem at the present, together with assurance that our technology will be supported and maintained in the future.

If you have specific security concerns, please reach out to our support team (support@nsoftware.com) and a member of our team can assist you in making sure that your applications are using the best security technologies for your applications.

The Best Way to Add Secure Communications to Your Apps

Our Red Carpet Subscriptions give you everything you need in one comprehensive MSDN-style annual subscription. Components for every major protocol from FTP to IMAP to SNMP, SSL and SSH security, S/MIME encryption, Digital Certificates, Credit Card Processing, ZIP compression, Instant Messaging, Shipping and Tracking, and e-business (EDI) transactions. No licensing restrictions, and no technology restrictions, so you get everything: .NET, COM, C++, Java, Linux, iOS, Android, Windows Phone, etc. (learn more)