- 01 Apr 2024
OpenSSL TLS heartbeat read overrun defect (Heartbleed)
- Updated on 01 Apr 2024
Are Pharos products affected by the OpenSSL "Heartbleed" defect?
The OpenSSL TLS heartbeat read overrun defect (CVE-2014-0160), termed "Heartbleed", specifically affects the OpenSSL 1.0.1 libraries. The exploit targets web services via the TLS extension for heartbeat.
https://www.openssl.org/news/secadv_20140407.txt
Most Pharos products are based upon Microsoft libraries, not OpenSSL. Pharos EDI and SignUp rely on Microsoft IIS. MobilePrint relies upon .NET Web-API. These systems use Microsoft SSL libraries, such as SChannel, not OpenSSL.
http://blogs.technet.com/b/erezs_iis_blog/archive/2014/04/09/information-about-heartbleed-and-iis.aspx
Not all supporting libraries are Microsoft. Each Development team is evaluating their non-Microsoft libraries to confirm whether any Pharos products are affected.
Thus far, Development has finished their review of the following products and concluded that they are not affected.
Uniprint - All versions
Blueprint - All versions
MobilePrint - All versions
Omega PSX - Firmware 1.1.4
Omega PS200 - Firmware 1.0.1
Omega PS60 - Firmware 1.1.4
Omega PS60B - Firmware 1.0.0
We'll continue to post updates to this article as we continue evaluating all of our products.
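The library review described above can start from the OpenSSL version banners collected for each component. The following is an added example, not Pharos code: it classifies a banner against the range given in the linked OpenSSL advisory (1.0.1 through 1.0.1f and the first two 1.0.2 betas, fixed in 1.0.1g and 1.0.2-beta2). The component names and the sample inventory are constructed for illustration.

```python
import re

# Range per the OpenSSL advisory of 7 Apr 2014 for CVE-2014-0160:
# 1.0.1 through 1.0.1f and 1.0.2-beta/-beta1 contain the defect;
# 1.0.1g and 1.0.2-beta2 carry the fix; other branches are not listed as affected.
VERSION_RE = re.compile(
    r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)(?:-(beta)(\d*))?", re.IGNORECASE)

IN_RANGE, OUT_OF_RANGE, UNKNOWN = (
    "in affected range", "not in affected range", "unrecognized")

def classify(banner):
    """Map an OpenSSL version banner to one of the three labels above."""
    m = VERSION_RE.search(banner)
    if not m:
        return UNKNOWN
    branch = tuple(int(m.group(i)) for i in (1, 2, 3))
    letter = m.group(4).lower()
    if branch == (1, 0, 1):
        # "" is the first 1.0.1 release; patch letters a..f precede the fix in g.
        return IN_RANGE if letter < "g" else OUT_OF_RANGE
    if branch == (1, 0, 2) and m.group(5):
        # Only the first two 1.0.2 betas are in the affected range.
        return IN_RANGE if m.group(6) in ("", "1") else OUT_OF_RANGE
    return OUT_OF_RANGE

def triage(inventory):
    """Return names of components whose banner needs follow-up.

    IN_RANGE is a prompt for review, not proof: distributions backported the
    fix without changing the version string, and builds compiled with
    -DOPENSSL_NO_HEARTBEATS lack the heartbeat code. UNKNOWN is returned too,
    so that unparsed banners are not silently treated as safe.
    """
    return [name for name, banner in inventory
            if classify(banner) in (IN_RANGE, UNKNOWN)]

# Constructed sample inventory; component names are hypothetical.
SAMPLE = [
    ("component-a", "OpenSSL 1.0.1e-fips 11 Feb 2013"),
    ("component-b", "OpenSSL 1.0.1g 7 Apr 2014"),
    ("component-c", "OpenSSL 0.9.8y 5 Feb 2013"),
    ("component-d", "OpenSSL 1.0.2-beta1 24 Feb 2014"),
    ("component-e", "custom TLS build, version unknown"),
]

if __name__ == "__main__":
    for name, banner in SAMPLE:
        print(f"{name}: {classify(banner)}")
    print("follow up:", triage(SAMPLE))
```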