Some more heartache from Heartbleed: it affects routers too. Cisco Systems and Juniper Networks have announced that the security hole that is Heartbleed has been found in their networking equipment.
It’s perhaps not too surprising that the bug — basically a simple flaw in OpenSSL that allows attackers to bypass the usual security protocols used by many sites — is present in networking devices. After all, they use SSL too, and older devices naturally use an older version.
It is, however, a laborious task to check hardware for the flaw. Fortunately, not all networking hardware is affected, because they don’t all use the same version of OpenSSL. So far, only Cisco Systems and Juniper Networks had admitted that their devices are at risk.
You can check to see if your Juniper Networks device is affected here and here, or your Cisco Systems device here. Both companies are working on patches for the affected hardware, which you’ll want to download and install ASAP. [Wall Street Journal via Engadget]