Entire Product Line Confirmed Safe from OpenSSL Bug from Day 1
For those of you who incorporate Thecus Storage Solutions into your environment will be pleased and relieved at this bit of news released today. The Heartbleed bug does not effect you. Kudos to Thecus!
April 23, 2014, Milipitas California – Thecus today announces that its entire product line has been confirmed safe from the OpenSSL Heartbleed bug.
While Thecus NAS do make use of OpenSSL, the specific branches adopted by Thecus’s software development team are in fact entirely unaffected by Heartbleed (as it only affects versions 1.0.1 through 1.0.1f). So when the news about Heartbleed broke, Thecus developers quickly established that Thecus devices were never vulnerable to malformed heartbeat requests.
Given the importance of confirming system vulnerability, a number of media outlets have reached out to Thecus support staff. In France, Stéphane Guérithault spoke to Next Inpact and confirmed that ThecusOS5 and OS6 were unaffected but that additional apps were being revised and updated by their respective developers so that Heartbleed fixes would be swiftly implemented.
The Past Secured, the Future Ensured
With a number of other hardware manufacturers rushing to release new firmware, reports have started to emerge suggesting that, since the Heartbleed vulnerability was accidentally introduced in March 2012, a number of parties have grown aware of and exploited the loophole. What this means is that Thecus NAS have been some of the few devices fully immune to such intrusions over the past two years.
So as networks worldwide recover from potential intrusions, Thecus users can trust that the insight and expertise that protected their NAS from the Heartbleed bug are still hard at work designing the next generation of advanced hardware and software. Because with Thecus, come rain, shine, or missing bounds checks, your data will remain safe.
Please note: Users are always advised to use the most up-to-date firmware and app versions on their NAS. Browser add-ons are also available to ensure visited websites are no longer vulnerable to Heartbleed.
For more information on Heartbleed, go to: http://en.wikipedia.org/wiki/Heartbleed
To read Next Inpact’s interview with Thecus regarding Heartbleed (original in French), go to: http://www.nextinpact.com/news/86958-faille-heartbleed-openssl-bitcoin-se-met-a-jour-certains-nas-touches.htm
For more information on Thecus, go to: http://www.thecus.com
Source: Thecus via GlobalPR