I'd like to know whether Yahoo! has fixed its Heartbleed vulnerability and gotten "new cryptographic locks"?
I'm so glad that I don't do anything really important through Yahoo!
Five answers:
?
2014-04-11 11:59:01 UTC
Thanks for asking about this question! This was an exploit existing in software used by a wide variety of websites, and has been the subject of much work and scrutiny by many website operators!
For Yahoo's official response to this about the work we've done and are doing to ensure this does not exist on any of our servers, please have a look at:
https://help.yahoo.com/kb/SLN24021.html
You can also use the following website tool (which is not affiliated with Yahoo) to check your favorite sites to ensure they are not vulnerable to this exploit:
http://filippo.io/Heartbleed/
Thank you for checking on the status of this issue, and I hope you find this helpful!
Oh, and FYI, it has nothing to do with Yahoo, it has to do with OpenSSL, which the most widely used SSL on the internet.
?
2014-04-09 18:31:42 UTC
Who knows, who cares.
It's been around for 2 years if they wanted your email they would have gotten it already.
but since yahoo was used in news articles as an example i'd say yes.
2014-06-06 08:56:30 UTC
You should check - http://thehackernews.com/ to know more.
Blue Sky
2014-04-11 06:43:25 UTC
From what I have just read about it, Yahoo has fixed it but one would think they would have the courtesy to email us and tell us it's ok to change our passwords. I agree with everyone else, if scum bags wanted our passwords they would have gotten them by now. But wait until you hear from the sites you log into to change your passwords. Otherwise you might have to do it again.
ⓘ
This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.