KBA not affected by "Heartbleed" bug

KBA remote maintenance is secure!

Würzburg, (PresseBox) - Over the last few days various media reports have warned about issues regarding encrypted communication via OpenSSL, the so-called "Heartbleed" bug. Remote maintenance on sheetfed and web offset presses as well as security presses from Koenig & Bauer (KBA) is, however, not affected.

KBA relies on encrypted connections via IPsec for its internet-based remote maintenance. This technology is not affected by the "Heartbleed" bug. Only the hardware's configuration interface via an encrypted connection by means of HTTPS firmware versions 8.0.0 and 8.0.1 uses the vulnerable version of OpenSSL. KBA does not implement these firmware versions. Furthermore, for security reasons the configuration interface is set by default that it is only accessible from the press network, hence from the internal interface.

Innominate, the manufacturer of the hardware implemented by KBA, has issued a security advisory which provides more details on the "Heartbleed" bug and measures to remedy the problem (it can be viewed at: http://www.innominate.com/data/downloads/software/innominate_security_advisory_20140411_001_en.pdf). VPN technology successfully implemented by KBA over many years for remote maintenance therefore does not pose a security risk.

Press releases you might also be interested in

Subscribe for news

The subscribtion service of the PresseBox informs you about press information of a certain topic by your choice at a choosen time. Please enter your email address to receive the email with the press releases.

An error occurred!

Thank you! You will receive a confirmation email within a few minutes.

I want to subscribe to the gratis press mail and have read and accepted the conditions.