| Blog

Heartbleed and Zane Health

Written by: PeopleKeep Team
April 14, 2014 at 5:18 PM

heartbleedOn Monday morning, April 7th, 2014, the bug known as "Heartbleed(CVE-2014-0160) became public knowledge. Zane Benefits has addressed this issue.

What is Heartbleed, exactly?

Heartbleed (CVE-2014-0160) is a bug in OpenSSL version 1.01 and 1.02 Beta regarding SSL/TLS handling. During the heartbeat exchange between browser and server, the OpenSSL software was relying on a packet size variable from the user. This packet size would be grabbed from memory and sent back to the user as part of the heartbeat.

Do I need to do anything?

While Zane Benefits has resolved the issue, we strongly recommend that you reset your password. Click here to login now and change your password.