Security and safety are top priorities in designing and using our HMI and SCADA software, and we care about protecting everyone who uses InduSoft Web Studio. Since the disclosure of The Heartbleed Vulnerability, we know that there might be some concern about what software is safe from this vulnerability. InduSoft has tested and confirmed that our software currently does not, and has not in the past, used any of the affected OpenSSL libraries that were found to be vulnerable to Heartbleed.
The Heartbleed Vulnerability, or “Heartbleed” for short, was discovered in some OpenSSL libraries by Codenomicon and was subsequently reported to US-CERT and ICS-CERT. The public disclosure of Heartbleed and subsequent release of a fixed version occurred on April 7, 2014.
OpenSSL is a set of cryptographic open source libraries used when creating software applications, that many different types of web servers use to encrypt web-based communications. Servers using the affected OpenSSL libraries could be tricked into disclosing information that should be kept private (such as logon credentials and passwords from recent transactions).
For more information how Heartbleed can open users to vulnerability, read more on Wikipedia®
If you have any questions about Heartbleed or any security related concerns, you are always invited to contact InduSoft Technical Support. We will continue to ensure that the security of InduSoft HMI/SCADA software and of your applications is always a top concern.