Tim Erlin, director of IT security and risk strategy at Tripwire offered the following comments and advice on an alert from The OpenSSL project team that they will be patching a high severity bug this Thursday, July 9:
Tim Erlin, Director of IT Security and Risk Strategy at Tripwire:
“This type of a pre-announcement is intended to give organizations a chance to prepare. A huge part of the heartburn with Heartbleed came from the scramble to identify where organizations were vulnerable and how to apply patches. In this case, a little organization can go a long way to a smoother patching cycle. Software vendors who use OpenSSL can be prepared to patch their code and ship new versions faster, and end-users can inventory where they have OpenSSL and set up appropriate testing environments ahead of time.”
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
