Heartbleed and Zane Health

April 14, 2014

heartbleedOn Monday morning, April 7th, 2014, the bug known as "Heartbleed(CVE-2014-0160) became public knowledge. Zane Benefits has addressed this issue.

What is Heartbleed, exactly?

Heartbleed (CVE-2014-0160) is a bug in OpenSSL version 1.01 and 1.02 Beta regarding SSL/TLS handling. During the heartbeat exchange between browser and server, the OpenSSL software was relying on a packet size variable from the user. This packet size would be grabbed from memory and sent back to the user as part of the heartbeat.

Do I need to do anything?

While Zane Benefits has resolved the issue, we strongly recommend that you reset your password. Click here to login now and change your password.

Learn how an HRA works for employers in our latest webinar
Watch the recording today, and learn how an HRA can help your organization.
meeting_wide-1 CTA_purp_R