This site makes extensive use of JavaScript.
Please enable JavaScript in your browser.
Live
PTR
10.2.7
PTR
10.2.6
Beta
Heartbleed bug; does it affect Wowhead and ZAM?
Post Reply
Return to board index
Post by
H3Knuckles
So, it's nice to see that Battle.net is okay, but I can't find anything about whether Wowhead is affected or not, or if ZAM network accounts are susceptible. Do either use OpenSSL? If so, have you updated? I'm trying to find out if I should reset my passwords or not.
Post by
Nulgar
Either way, if your Wowhead/ZAM login is similar or even identical to logins used elsewhere, it would be wise to change your password.
By now, the major sites should have at least a fix in, if without an official statement.
Post by
H3Knuckles
Thankfully that isn't a problem, all my passwords are unique. But the 2 testers I tried with Wowhead and ZAM gave inconclusive results, which left me unclear as to whether I should bother yet.
You probably know all of this already, but the issue is that until a site has patched their OpenSSL resetting your password doesn't accomplish anything, but even worse than that, the Heartbleed Bug makes it possible to obtain a site's encryption key, so if a site hasn't replaced their SSL certificate there's the chance that patching the OpenSSL version won't fix anything. For the most part I've just been going on whether or not a site has patched their software yet, but I thought it couldn't hurt to ask where Wowhead stood.
Post by
Sas148
Hopefully you'll get an answer later today/tomorrow now that the weekend is over.
Post by
matilley
According to Qualsys SSL Labs check (see below), wowhead.com is not currently vulnerable to the Heartbleed bug.
https://www.ssllabs.com/ssltest/analyze.html?d=wowhead.com
Still, official answer would be welcome as the current certificate shows date of April 9, just after the public notifications hit the net. So, I assume they were beforehand?
Post Reply
You are not logged in. Please
log in
to post a reply or
register
if you don't already have an account.