Is Symantec Encryption Desktop vulnerable to the OpenSSL "Heartbleed" attack (CVE-2014-0160)?
search cancel

Is Symantec Encryption Desktop vulnerable to the OpenSSL "Heartbleed" attack (CVE-2014-0160)?

book

Article ID: 159179

calendar_today

Updated On:

Products

Desktop Email Encryption Drive Encryption

Issue/Introduction

Only OpenSSL versions 1.0.1 and 1.0.2-beta releases (including 1.0.1f and 1.0.2-beta1) are affected by the "Heartbleed" bug (CVE-2014-0160). Versions below 1.0.1 (such as 0.9.8) are not affected.

See https://www.openssl.org/news/secadv_20140407.txt for more information.

Resolution

Symantec Encryption Desktop, Symantec Drive Encryption, PGP Desktop, and PGP Whole Disk Encryption do not utilize openssl and therefore are not vulnerable to this attack.


Powered by Wolken Software