As the Heartbleed bug still stands as one of the biggest security vulnerabilities that has been seen in recent years, we are hearing continuing news of security patches and updates coming out to close the loopholes that are found in each instance of OpenSSL.
The latest update that we are hearing of comes from one of the leading NAS manufacturers, QNAP. Released today, QNAP’s security patch is targeted at system operating systems that run on QTS versions 4.0 and 4.1 – earlier releases use and earlier version of OpenSSL which appears to be unaffected.
“We strongly urge users of vulnerable Turbo NAS systems to update their firmware,” said Jason Hsu, Product Manager of QNAP. “Users are also recommended to contact their SSL providers to regenerate their SSL CSR/keys for server protection.”
Whilst QNAP are urging users with the above QTS releases to update their systems, either by running an update through the QTS control panel or by downloading the patch manually.
In addition to this I will point out that keeping your system up to date with the latest firmware and software releases is always highly recommended and even if you are running any of the earlier QTS revisions, it is still wise to update to the latest QTS 4.0.7 and 4.1.0 RC2 revisions.
Source: Press Release