- Albert Zenkoff
- Technology, attack, critical, HeartBleed, library, Microsoft Secure Channel, no mitigation, no workaround, patch, remote, remote code execution, SChannel, vulnerability, WinBleed
The lot of hype around the so-called “Heartbleed” vulnerability in open-source cryptographic library OpenSSL was not really justified. Yes, many servers were affected but the vulnerability was quickly patched and it was only an information disclosure vulnerability. It could not be used to break into the servers directly. Now we have Microsoft Secure Channel library ...