A new OpenSSL vulnerability has been discovered and a patch is now available. The new vulnerability, Drown, decrypts TLS sessions on servers supporting SSL v2 and using RSA key exchange. All Mean Servers infrastructure has been upgraded and patched to protect against this vulnerability including our shared servers, VPS hypervisors, and all managed clients. Those with unmanaged services are highly recommended to patch their operating systems immediately to protect against DROWN.
If you need assistance in patching your system, please open a sales ticket with Mean Servers. For the next 2 weeks, we will do an entire system upgrade and patching for clients by mentioning this announcement for only $19. The normal cost of our security lockdown and patching/upgrading is $39.
Tuesday, March 1, 2016