Many of you may have read or heard about the Heartbeed bug this week. The Heartbeet bug is more of a possible exploit in the open-source code of OpenSSL, a very popular encryption method used in online services based on a Linux architecture. The condition was introduced over 2 years ago by one of the many volunteers who contribute to open source projects like OpenSSL and despite being reviewed numerous times, the exploit went undetected until a few days ago. The oversight in the code was forgetting to limit how large a response would be allowed to a module called a “Heartbeat” (hence the name Heartbleed). Countless websites have used OpenSSL in both the public and private sector.
Some clients have contacted HMS asking if TimeControl Online might be affected. The answer is that it is not affected by the Heartbleed bug. TimeControl Online does not use OpenSSL.