New Heartbleed bug found

2014-06-06 10:30

Multimedia   ·   User Galleries   ·   News in Pictures Send us your pictures  ·  Send us your stories

Boston - Security researchers have uncovered new bugs in the web encryption software that caused the pernicious "Heartbleed" internet threat that surfaced in April.

Experts said the newly discovered vulnerabilities in OpenSSL, which could allow hackers to spy on communications, do not appear to be as serious a threat as "Heartbleed".

The new bugs were disclosed on Thursday as the group responsible for developing that software released an OpenSSL update that contains seven security fixes.

Experts said that websites and technology firms that use OpenSSL technology should install the update on their systems as quickly as possible.

Still, they said that could take several days or weeks because companies need to first test systems to make sure they are compatible with the update.

New flaw

"They are going to have to patch. This will take some time," said Lee Weiner, senior vice president with cyber security software maker Rapid7.

OpenSSL technology is used on about two-thirds of all websites, including ones run by, Facebook, Google and Yahoo.

It is also incorporated into thousands of technology products from companies, including Cisco Systems, Hewlett-Packard, IBM, Intel and Oracle.

The widespread Heartbleed bug surfaced in April when it was disclosed that the flaw potentially exposed users of those websites and technologies to attack by hackers who could steal large quantities of data without leaving a trace.

That prompted fear that attackers may have compromised large numbers of networks without their knowledge.

Security experts said on Thursday that the newly discovered bugs are more difficult to exploit than Heartbleed, making those vulnerabilities less of a threat.

Still, until users of the technology update their systems, "there is a window of opportunity" for sophisticated hackers to launch attacks and exploit the newly uncovered vulnerabilities, said Tal Klein, vice president of strategy with cloud security firm Adallom.

Read more on:    cybercrime

Join the conversation! encourages commentary submitted via MyNews24. Contributions of 200 words or more will be considered for publication.

We reserve editorial discretion to decide what will be published.
Read our comments policy for guidelines on contributions.
NEXT ON NEWS24X publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
Comments have been closed for this article.

Inside News24


Millions of plastic particles in our food!

Scientists and researchers believe that almost five million tons of plastic is dumped in the oceans every year and it’s affecting our food.



Plastic on your plate
Prince George the green prince?
Lean, green, drifiting machine
One man's $1 million vision for an eco Africa

Book flights

Compare, Book, Fly

Traffic Alerts

Trying to keep time for your social commitments and friendships as well as taking care of work and health obligations can be more

There are new stories on the homepage. Click here to see them.


Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.

Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire network.


Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.

Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.