As many of you are aware, researchers discovered a critical defect in versions 1.0.1 and 1.0.2-beta of OpenSSL, the cryptographic software library. Due to the impact of this specific OpenSSL vulnerability, known as the Heartbleed bug, products with affected versions can expose user passwords and private keys.
Dell is actively investigating, across our entire product base, the extent to which the OpenSSL Heartbleed vulnerability might be present. Many of our products are already protected against exploits of this vulnerability, and we are actively closing any remaining issues as quickly as possible. The security of Dell systems powering Dell.com are not affected by this issue.
You can check for a particular product or application’s status here. You can also call Dell Tech Support. Separately, we recommend checking with other vendors and third parties to better understand any possible vulnerability for non-Dell products and software.
Dell has a long-standing commitment to design, build and ship secure products and quickly address instances when issues are discovered. Our highest priority is the protection of customer data and information. We take very seriously any issues that may impact the integrity of our products or customer security and privacy. We will continue to communicate with our customers in a transparent manner, and will update this site as we learn more.
For information about the vulnerability known as the Heartbleed bug, see CVE-2014-0160 on the NIST website.