A new security flaw called “Heartbleed” is wreaking havoc on 66 percent of the internet this week. Heartbleed is a bug that affects an important Internet security protocol called SSL. Specifically, it affects one particular implementation of SSL called OpenSSL.
SSL stands for Secure Sockets Layer, a protocol used for users login credentials. One of the most popular software implementations of SSL is OpenSSL, used by two thirds of currently active websites, according to Huffington Post.
Heartbleed is a bug in OpenSSL. Hackers can exploit Heartbleed to get raw text from emails, instant messages, passwords, even business documents — anything a user sends to a vulnerable site’s server.
There’s not much you as a user can do to protect yourself from the security bug that has already been active for two years and only now has been discovered. The most vulnerable sites include OKCupid, Flickr, Imagur, Yahoo Mail and Yahoo.com. Google, Wikipedia, Youtube and Facebook remain unaffected, writes press-mania.ro.
Users can test if their favorite websites are vulnerable here, though the service is reportedly not 100 percent reliable.
Vulnerable sites should not be logged into until they’re patched — check those sites’ blogs or Twitter feeds for updates — and once a website has its patch in place, you should change your password for that site as soon as possible.