INETCO Insight and the 05 June 2014 OpenSSL Security Advisory

Recent INETCO Insight versions incorporated a version of the OpenSSL package affected by vulnerability disclosures (see https://www.openssl.org/news/secadv_20140605.txt). We have updated our software and our support team will be reaching out to customers running the affected versions to offer assistance.

It is unlikely that a typical INETCO Insight deployment is vulnerable to attacks that exploit this OpenSSL bug because our software is usually deployed across private networks, making it difficult for unauthenticated, remote attackers to access either the Event Processor or the Event Collector.

Recommended Actions:
If any component of INETCO Insight is accessible via the public Internet, you should upgrade immediately.

We also recommend that customers running INETCO Insight upgrade as soon as is feasible. This is to comply with any scheduled or emergency security audits that may flag the version of OpenSSL included in these versions of INETCO Insight.

INETCO Insight 5.4.5 is now available and it includes an updated version of OpenSSL. Customers can download the release and release notes from the support site.

Please contact INETCO Support () if you have any questions or concerns.