Safe Computing
Home Students Faculty and Staff IT Security Community



Welcome to Safe Computing at the University of Michigan

Heard About the Heartbleed Bug?

April 10, 2014; last updated April 11, 2014

What is it? Web sites and servers around the world that use certain versions of OpenSSL software could be vulnerable to the Heartbleed bug, a serious security vulnerability. Affected sites are susceptible to information theft. Some popular websites outside the university have been reported as vulnerable.

What is U-M doing? Most U-M owned servers and websites are now protected from Heartbleed. There is no evidence that any U-M sites have been compromised. ITS and U-M units expect to complete the identification and patching process shortly.

What can you do to protect yourself? Be prudent about which sites you log in to, both outside and inside U-M, for the next several days.

  • U-M faculty, staff, and students should watch for a message telling them that patching is complete and recommending that they change their UMICH password.
  • Visit these sites to learn if a website you use is affected by the vulnerability:
  • Wait a few days to allow time for other websites to patch their systems, then change your password. Changing your password while a site is still vulnerable does not protect you.
  • Beware of phishing emails. Criminals may use the Heartbleed bug as an opportunity to try to trick you into revealing your password or other personal information.

Other Tips and Helpful Links

Find out how to protect your home computer, your information and your identity against online threats, and what the University of Michigan is doing to protect institutional data and networks.

Help for maintaining the security of your personal computer, and protecting the privacy of your data.
IT policies and guidance on properly securing information assets as well as how the university and federal laws define sensitive data. For the U-M community only.
Information and tracking on the IT Security Program at U-M. Requires MToken.

<HR>

Spear Fishing - Don't Get Caught
Password Reset

Microsoft Ending XP Support
go to Security Shorts step-by-step resources for taking control of your computer security