The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. Popular internet services like Yahoo Mail, Yahoo Messenger and many others are affected by this bug. Microsoft today confirmed that Microsoft Account and Microsoft Azure, along with most Microsoft Services, were not impacted by the OpenSSL vulnerability. The Heartbleed vulnerability in OpenSSL (CVE-2014-0160) has received a significant amount of attention recently.  While the discovered issue is specific to OpenSSL, many customers are wondering whether this affects Microsoft’s offerings, specifically Microsoft Azure. Microsoft Account and Microsoft Azure, along with most Microsoft Services, were not impacted by the OpenSSL vulnerability. Windows’ implementation of SSL/TLS was also not impacted. Microsoft Azure Web Sites, Microsoft Azure Pack Web Sites and Microsoft Azure Web Roles do not use OpenSSL to terminate SSL ...

Read More →