Small Business Employee Benefits and HR Blog

Heartbleed and Zane Health

April 14, 2014

heartbleedOn Monday morning, April 7th, 2014, the bug known as "Heartbleed(CVE-2014-0160) became public knowledge. Zane Benefits has addressed this issue.

What is Heartbleed, exactly?

Heartbleed (CVE-2014-0160) is a bug in OpenSSL version 1.01 and 1.02 Beta regarding SSL/TLS handling. During the heartbeat exchange between browser and server, the OpenSSL software was relying on a packet size variable from the user. This packet size would be grabbed from memory and sent back to the user as part of the heartbeat.

Do I need to do anything?

While Zane Benefits has resolved the issue, we strongly recommend that you reset your password. Click here to login now and change your password.

Want to offer a QSEHRA or ICHRA without the hassle?
Let PeopleKeep automate your benefits for you.
meeting_wide-1 CTA_purp_R