Xerox recently issued a news release on the status of its products and whether they are affected by the recent Heartbleed bug, a vulnerability in the popular OpenSSL cryptographic software library Version 1.0.1 to 1.0.1f. They report the following:
Although no large-scale attacks have yet been reported, easy-to-use code to exploit the vulnerability and steal data has been posted on the Internet. Xerox states, “We are committed to protecting the data assets of our customers and partners and will provide additional information as it becomes available.”
Xerox reports it is following the course of actions recommended by www.OpenSSL.org and other trusted security industry authorities working on this issue. At this time the company believes a small number of its offerings – both products and services – are affected. Several of its products, software and solutions have been evaluated and determined as cleared of any potential risk. You can find a list of those products, software and solutions here.
For general security information for your product, visit www.xerox.com/security.
Currently, the only Xerox product identified as being affected by the vulnerability created by the bug is the monochrome WorkCentre 3315/3325. Several other color and monochrome hardware devices are still under investigation. None of the company’s managed services software products are listed as being affected.
Stay on top of the latest industry news. Have news to share? We want to help you spread the word. Submit your media releases to firstname.lastname@example.org