QNAP's presserum
Hold dig opdateret med de seneste nyheder og priser, og hold kontakt vores team
QNAP Releases System Updates to Fix Heartbleed OpenSSL Vulnerability
Taipei, Taiwan, April 18, 2014 – QNAP® Systems Inc. today announced firmware updates for Turbo NAS systems with vulnerability to the OpenSSL Heartbleed bug (CVE-2014-0160). The operating systems vulnerable to Heartbleed are QTS versions 4.0 and 4.1. Versions 3.8 and earlier use a different version of OpenSSL and are not affected by the OpenSSL Heartbleed bug.
As described on the Common Vulnerabilities and Exposures website, some versions of the OpenSSL TLS and DTLS implementation do not properly process Heartbeat Extension packets which allow remote attackers to obtain sensitive information by reading private keys (aka the Heartbleed bug).
“We strongly urge users of vulnerable Turbo NAS systems to update their firmware,” said Jason Hsu, Product Manager of QNAP. “Users are also recommended to contact their SSL providers to regenerate their SSL CSR/keys for server protection.”
To obtain the system updates (QTS 4.0.7 and QTS 4.1.0 RC2) with recompiled OpenSSL, please download from www.qnap.com/i/en/product_x_down/ or have your Turbo NAS perform a live update via the QTS control panel.
For more information, please contact us at http://helpdesk.qnap.com/
Om QNAP
QNAP (Quality Network Appliance Provider) er dedikeret til at levere omfattende løsninger inden for softwareudvikling, hardwaredesign og intern produktion. Med fokus på lagring, netværk og smarte videoinnovationer introducerer QNAP nu en revolutionerende cloud-NAS-løsning, der slutter sig til vores banebrydende abonnementsbaserede software og alsidige servicekanaløkosystem. QNAP ser NAS som mere end blot enkel lagring, og har skabt en cloudbaseret netværksinfrastruktur, som brugerne kan bruge til at hoste og udvikle kunstig intelligens-analyse, avanceret databehandling og dataintegration på deres QNAP-løsninger.
