UPDATE - OpenSSL Heartbleed Extension Vulnerability for Verizon Conferencing services (Updated April 29, 2014)Verizon conferencing continues to address the OpenSSL security vulnerability known as "Heartbleed." We have inventoried and assessed our infrastructure to identify potential areas of concern, implemented a process for gathering information from our suppliers and substantially completed patching/upgrading of the affected Verizon systems, applications and devices. Verizon's assessments and scans are ongoing, and, as a precautionary measure, Verizon continues to maintain an increased level of monitoring and surveillance of its infrastructure designed to mitigate this risk.
Fortunately, all web services provided by and supporting Verizon Conferencing, such as e-Meetings, MyMeetings, and API integration sites, are using a non-vulnerable version of OpenSSL. More information is available at this web site : https://www.us-cert.gov/ncas/current-activity/2014/04/08/OpenSSL-Heartbleed-Vulnerability
Further, Cisco and Microsoft have notified Verizon of a security advisory for the OpenSSL Heartbleed Security Extension Vulnerability related to the Cisco WebEx suite of products and the Microsoft® Office Live Meeting product. Cisco and Microsoft have confirmed their net conferencing services are not affected.
Note: Cisco WebEx Messenger was initially reported as vulnerable but has been remediated
For those customers affected, Verizon has remediated the Open Video device that was identified by Cisco as being vulnerable - a VCS upgrade to 7.2.3 was deployed on April 21, 2014.
The Cisco advisory is available at the following link:
Cisco Security Advisory: OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products
The Microsoft advisory is available at the following link:
If you have any further questions or concerns, don't hesitate to contact your Verizon Conferencing account manager for further information.
Customer questions for net conferencing products are being directed to Conferencing Support at firstname.lastname@example.org or 866-449-0701. Also, you may submit your inquiry via the following 'Contact Us' link: https://e-meetings.verizonbusiness.com/global/en/contactus.php
Thank you for choosing Verizon Conferencing.
Verizon Conferencing Support