QNAP® Systems Inc. recently announced firmware updates for Turbo NAS systems with vulnerability to the OpenSSL Heartbleed bug (CVE-2014-0160). The operating systems vulnerable to Heartbleed are QTS versions 4.0 and 4.1. Versions 3.8 and earlier use a different version of OpenSSL and are not affected by the OpenSSL Heartbleed bug.

As described on the Common Vulnerabilities and Exposures website, the OpenSSL 1.0.1 TLS and DTLS implementation, before 1.0.1g, does not properly process Heartbeat Extension packets which allow remote attackers to obtain sensitive information by reading private keys (aka the Heartbleed bug).

“We strongly urge users of vulnerable Turbo NAS systems to update their firmware,” said Jason Hsu, Product Manager of QNAP. “Users are also recommended to contact their SSL providers to regenerate their SSL CSR/keys for server protection.

Related videos

Find Lost Wallet with Dahua WizSeek

Find Lost Wallet with Dahua WizSeek
Dahua Traffic Signal Controller Highlight

Dahua Traffic Signal Controller Highlight
Insta DomainLink Secret™

Insta DomainLink Secret™

In case you missed it

Which vertical markets have the greatest growth potential for security?
Which vertical markets have the greatest growth potential for security?

To serve various vertical markets and industries effectively, security professionals must recognise that each sector has unique assets, risks, compliance requirements, and operatio...

Marin Hospital enhances security with eCLIQ access control
Marin Hospital enhances security with eCLIQ access control

The Marin Hospital of Hendaye in the French Basque Country faced common challenges posed by mechanical access control. Challenges faced Relying on mechanical lock-and-key technol...

What’s behind (perimeter) door #1?
What’s behind (perimeter) door #1?

A lot has been said about door security — from reinforced door frames to locking mechanisms to the door construction — all of which is crucial. But what security measur...

Featured white papers
One system, one card

One system, one card

Download
Enhancing physical access control using a self-service model

Enhancing physical access control using a self-service model

Download
Aligning physical and cyber defence for total protection

Aligning physical and cyber defence for total protection

Download
Understanding AI-powered video analytics

Understanding AI-powered video analytics

Download
How to implement a physical security strategy with privacy in mind

How to implement a physical security strategy with privacy in mind

Download
More product news
SICNT releases MASHEN N2, its 4 and 8 channels super mini NVR

SICNT releases MASHEN N2, its 4 and 8 channels super mini NVR
Dahua expands its Eco-Savvy 3- Megapixel 5000-series network cameras

Dahua expands its Eco-Savvy 3- Megapixel 5000-series network cameras
Dahua launches its 3MP Ultra-Smart network camera, DH-IPC-8000

Dahua launches its 3MP Ultra-Smart network camera, DH-IPC-8000
Featured products
Hikvision AOV 4G Solar Camera Series for Off-Grid Video Security

Hikvision AOV 4G Solar Camera Series for Off-Grid Video Security
KentixONE – IoT Access and Monitoring For Data Centres

KentixONE – IoT Access and Monitoring For Data Centres
Climax Technology HSGW-Gen3 Modular Smart Security Gateway

Climax Technology HSGW-Gen3 Modular Smart Security Gateway