igor - Fotolia

OpenSSL bug serious – but no Heartbleed, say experts

OpenSSL certificate verification flaw lets attackers impersonate cryptography-protected websites, email servers and virtual private networks (VPNs)

The anxiously awaited “high severity” security defect in OpenSSL is serious and vulnerable organisations should act fast – but it is no Heartbleed, say security experts.

An announcement from the OpenSSL team about an unspecified flaw raised the spectre of a second Heartbleed.

But, while it is still serious, security experts say the newly announced certificate verification flaw is nowhere as serious as the Heartbleed vulnerability that enabled attackers to extract data that includes cryptographic keys for digital certificates used to secure online transactions without being detected.

The certificate verification flaw can enable attackers to impersonate cryptographically protected websites, email servers, virtual private networks (VPNs) or any internet service using affected versions of the OpenSSL cryptography library to provide an open source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS)protocols.

In other words, attackers could set up bogus, malicious websites, email servers or internet services that appear to be secured TLS/SSL, lulling users into a false sense of security.

The flaw could also enable attackers to force vulnerable user applications into treating an invalid certificate as a legitimate TLS or SSL credential, enabling the attackers to monitor connections between a user and a trusted server, and even modify data passing between them.

Apps vulnerable to OpenSSL hack

The vulnerability exists in OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n, and 1.0.1o, and appears to have been introduced in June 2015 – which means the flaw was detected and fixed within a month, compared with two years in the case of Heartbleed.

Fortunately, the flaw exists in only four versions of OpenSSL and can be exploited only when browsers or user applications use a vulnerable version of OpenSSL for certificate verification.

Read more about crypto keys and digital certificates

This means that users of Google Chrome, Mozilla Firefox, Microsoft Internet explorer and Apple iOS are safe, because none use OpenSSL by default.

Although some versions of Android use OpenSSL, none are affected by the OpenSSL flaw, according to Google cryptography engineer Adam Langley.

However, individual apps often use their own code for verifying certificates, and may still be vulnerable – even when running on an operating system that does not use OpenSSL.

Ivan Ristic, director of engineering at security firm Qualys, also warns that there are lots of server-type tools that might use OpenSSL for client operations.

“For them, this vulnerability is potentially significant, but attackers would need to exploit them on a case-by-case basis. However, this problem was introduced only last month; it's brand new,” he said.

Blind trust in certificate authorities

"I doubt that many systems use this very recent version. This is going to affect only people who actively use the latest OpenSSL version, and that's a very small number."

However, Cris Thomas, strategist at Tenable Network Secuity, said the flaw could leave communications once thought to be secure open to eavesdropping by a third party.

“While this may not be a remote code execution bug, it is still pretty severe, as it completely removes the protections that people use OpenSSL. Users of affected versions of OpenSSl should upgrade to 1.0.1p or 1.0.2d as soon as possible,” he said.

Thomas added that anyone still using OpenSSL versions 1.0.0 and 0.9.8 should note that support for these versions – including security updates – will stop at the end of 2015.

Kevin Bocek, vice-president of security strategy and threat intelligence at Venafi, warned that bad actors have learned that enterprises are blindly trusting certificate authorities.

“This means, that often the easiest, fastest and most effective way to inject malware onto corporate networks is by signing the malware with compromised or stolen digital certificates,” he said.

According to Bocek, attackers know that most organisations cannot detect or respond to anomalous certificates that authenticate systems and users on their networks, devices and applications.

“Attackers commonly exploit this, and that is the fear with this newly uncovered vulnerability. Global companies typically have tens of thousands of keys and certificates and the majority do not take an accurate inventory of them, do not know where they are deployed, who is using them and do not have the right systems in place to secure them,” he said.

Bocek said enterprises need to know what certificates are trusted and where they are on every server and device.

“Until that happens, we'll continue to see vulnerabilities and full-scale breaches occur with many other organisations,” he said.


Read more on Hackers and cybercrime prevention