Researchers recently discovered a critical OpenSSL vulnerability that was given the name “Heartbleed Bug.” For specific information on the vulnerability and its potential impact see CVE-2014-0160 on the NIST website and heartbleed.com.
While products from many security vendors are impacted, Dell SonicWALL firewalls (TZ, NSA, E-Class NSA, SuperMassive) and Email Security solutions are NOT affected by the vulnerability. Additionally, firewalls with an active Intrusion Prevention Service have, as of April 8, 2014, signatures to protect vulnerable servers against the vulnerability including Secure Remote Access (SRA) products sitting behind the firewalls.
Specific software/firmware versions running on Dell SonicWALL Secure Remote Access, GMS and Analyzer products are affected and should be patched immediately. Dell SonicWALL has made the patches available to customers regardless of whether or not the product has an active support contract. For additional information you can direct customers to the Heartbleed Bug service bulletin and the SonicALERT.
