magicbus wrote:
I develop financial software and we transfer many billions of $$$ per day through our various products. This was an interesting exercise for our teams as we all had to confirm our susceptibility to this bug. Of our 9 products none were affected. Our older products use a pre-bug version and there was never any reason to upgrade. Our newer products use post-bug releases. I suspect many banking products are like I ours... older than 2 years and never updated.
Dave
If you didn't update openssl in more than 2 years you were missing many vulnerability fixes. Security software updates are generally pretty important.
