A major flaw in the World Wide Web, known as ‘Heartbleed’ Bug, has been found in the OpenSSL (open-source software package), broadly used to encrypt Web communications, putting every computer at risk.
The major flaw can essentially allow attackers to gain access to highly sensitive information, including credit card numbers, usernames, passwords, and other sensitive data.
According to TechCrunch, the vulnerability allows attackers to steal the information that is normally protected by SSL/TLS encryption, which is used to protect Web applications, e-mail communications, instant messaging (IM) and some virtual private networks (VPNs).
That means a lot of Internet users are affected.
Nicholas Weaver, a security researcher, said that there will be a lot of vulnerable servers a year from now, which won’t get fixed.
In an emailed statement, Yahoo said Heartbleed was recently identified impacting
many platforms that use OpenSSL, including the company’s.
It added that as soon as the company became aware of the vulnerability they successfully
made the appropriate corrections across the main Yahoo properties (Yahoo
Homepage, Yahoo Search, Yahoo Mail, Yahoo Finance, Yahoo Sports, Yahoo
Food, Yahoo Tech, Flickr and Tumblr), the report added. (ANI)