By now, you’ve surely heard about the Heartbleed vulnerability (CVE-2014-0160) in OpenSSL 1.0.1 through 1.0.1f (inclusive). The vulnerability has been present in OpenSSL since December 2011. Many websites have discussed the details of the bug, and I will not go into the deep technical details here. I will describe the bug at a high level, and then discuss the impact of the bug and what you should do about it. In the remainder of this post, I’ll refer to “vulnerable versions of OpenSSL” as simply OpenSSL.

Overview of the Heartbleed vulnerability

Although the bug that causes the Heartbleed vulnerability is in the OpenSSL library, it has nothing to do with the SSL/TLS protocols themselves. It involves code that handles the heartbeat extension (RFC 6520) for TLS/DTLS. The heartbeat messages can be sent even before a TLS handshake is completed. RFC 6520 states:

“However, a HeartbeatRequest message SHOULD NOT be sent during handshakes… The receiving peer SHOULD discard the message silently, if it arrives during the handshake.”

Due to the use of ‘SHOULD,’ these are recommendations and not requirements. OpenSSL apparently responds to heartbeat requests even before the handshake is completed. So, even servers that require client certificates for authentication are vulnerable.
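
A receiver can treat the RFC's SHOULD as a requirement and refuse heartbeat processing until the handshake has finished. The C example below is added here and is not OpenSSL's code or part of the original post; `hb_check_request` and the `hb_verdict` names are hypothetical, and it also applies RFC 6520's rule that a message whose payload_length is too large is discarded silently.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* RFC 6520 HeartbeatMessage: type(1) | payload_length(2) | payload | padding(>=16) */
enum { HB_REQUEST = 1, HB_RESPONSE = 2, HB_HEADER = 3, HB_MIN_PADDING = 16 };

typedef enum {
    HB_ECHO,            /* well-formed request after the handshake: echo payload */
    HB_DROP_HANDSHAKE,  /* arrived during the handshake: discard silently */
    HB_DROP_MALFORMED,  /* declared length does not fit inside the record */
    HB_IGNORE           /* not a HeartbeatRequest */
} hb_verdict;

/* Hypothetical helper, not an OpenSSL function. rec/rec_len is the decrypted record
 * body; on HB_ECHO, *payload and *payload_len describe bytes entirely inside rec. */
hb_verdict hb_check_request(const uint8_t *rec, size_t rec_len, int handshake_done,
                            const uint8_t **payload, size_t *payload_len)
{
    *payload = NULL;
    *payload_len = 0;
    /* Treat the RFC's SHOULD as a MUST: nothing is parsed before the handshake ends. */
    if (!handshake_done)
        return HB_DROP_HANDSHAKE;
    if (rec_len < HB_HEADER + HB_MIN_PADDING)
        return HB_DROP_MALFORMED;
    if (rec[0] != HB_REQUEST)
        return HB_IGNORE;
    size_t declared = ((size_t)rec[1] << 8) | rec[2];
    /* Trust the record length actually received, never the sender's length field. */
    if (declared > rec_len - HB_HEADER - HB_MIN_PADDING)
        return HB_DROP_MALFORMED;
    *payload = rec + HB_HEADER;
    *payload_len = declared;
    return HB_ECHO;
}

int main(void)
{
    /* Constructed sample: request, 4-byte payload "ping", 16 bytes of zero padding. */
    uint8_t ok[3 + 4 + 16] = { HB_REQUEST, 0x00, 0x04, 'p', 'i', 'n', 'g' };
    const uint8_t *p; size_t n;
    hb_verdict early = hb_check_request(ok, sizeof ok, 0, &p, &n);
    hb_verdict late = hb_check_request(ok, sizeof ok, 1, &p, &n);
    printf("during handshake: %d, after: %d (payload %zu bytes)\n", (int)early, (int)late, n);
    return 0;
}
```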