KU and the Heartbleed Security Bug
As you may already be aware from online and mainstream news reports, the “Heartbleed" bug is widespread and quite serious. Heartbleed affects software called “OpenSSL” that runs on many servers. OpenSSL is one of the pieces of software responsible for the “s” in “https” and the closed padlock icon you see in the browser window of websites that use it.
The good news is the vast majority of servers at KU are not vulnerable to the Heartbleed bug. After the global IT security community became aware of the Heartbleed bug on April 7, KU IT staff immediately began the task of identifying and quickly patching a small number of vulnerable systems. KU IT staff are continuing to monitor systems on the network for this vulnerability.
Some frequently asked questions:
Q: Is KU IT going to require me to change my password because of Heartbleed?
A: Not at this time. If you have concerns, change your KU Online ID password at myidentity.ku.edu/password.
Q: Should I change other passwords (online banking, social media, email) because of this bug?
A: It never hurts to change your password, especially if it has been awhile. If you want to know more about specific major websites that may have been affected, this Mashable article is a pretty good reference.
For more information about Heartbleed, read this NPR article.