KBA not affected by "Heartbleed" bug
Over the last few days various media reports have warned about issues regarding encrypted communication via OpenSSL, the so-called "Heartbleed" bug. Remote maintenance on sheetfed and web offset presses as well as security presses from Koenig & Bauer (KBA) is, however, not affected.
KBA relies on encrypted connections via IPsec for its internet-based remote maintenance. This technology is not affected by the "Heartbleed" bug. Only the hardware's configuration interface via an encrypted connection by means of HTTPS firmware versions 8.0.0 and 8.0.1 uses the vulnerable version of OpenSSL. KBA does not implement these firmware versions. Furthermore, for security reasons the configuration interface is set by default that it is only accessible from the press network, hence from the internal interface.
Innominate, the manufacturer of the hardware implemented by KBA, has issued a security advisory which provides more details on the "Heartbleed" bug and measures to remedy the problem (it can be viewed at: http://www.innominate.com/data/downloads/software/innominate_security_advisory_20140411_001_en.pdf). VPN technology successfully implemented by KBA over many years for remote maintenance therefore does not pose a security risk.
