Xerox is investigating the impact of the ‘Heartbleed’ bug which is a vulnerability in the popular OpenSSL cryptographic software library Version 1.0.1 to 1.0.1f. While no large-scale attacks have yet been reported, easy-to-use code to exploit the vulnerability and steal data has been posted on the Internet. Xerox is committed to protecting the data of our customers and will provide additional information as it becomes available.
Xerox will continue remediation actions recommended by www.OpenSSL.org and other trusted security industry authorities working on this issue. At this time we believe a small number of our offerings – both products and services – are affected. For a full list, visit: http://www.xerox.com/information-security/heartbleed-bug/enus.html.-XXX-
