in your browser.
Heartbleed bug; does it affect Wowhead and ZAM?
Return to board index
So, it's nice to see that Battle.net is okay, but I can't find anything about whether Wowhead is affected or not, or if ZAM network accounts are susceptible. Do either use OpenSSL? If so, have you updated? I'm trying to find out if I should reset my passwords or not.
Either way, if your Wowhead/ZAM login is similar or even identical to logins used elsewhere, it would be wise to change your password.
By now, the major sites should have at least a fix in, if without an official statement.
Thankfully that isn't a problem, all my passwords are unique. But the 2 testers I tried with Wowhead and ZAM gave inconclusive results, which left me unclear as to whether I should bother yet.
You probably know all of this already, but the issue is that until a site has patched their OpenSSL resetting your password doesn't accomplish anything, but even worse than that, the Heartbleed Bug makes it possible to obtain a site's encryption key, so if a site hasn't replaced their SSL certificate there's the chance that patching the OpenSSL version won't fix anything. For the most part I've just been going on whether or not a site has patched their software yet, but I thought it couldn't hurt to ask where Wowhead stood.
Hopefully you'll get an answer later today/tomorrow now that the weekend is over.
According to Qualsys SSL Labs check (see below), wowhead.com is not currently vulnerable to the Heartbleed bug.
Still, official answer would be welcome as the current certificate shows date of April 9, just after the public notifications hit the net. So, I assume they were beforehand?
You are not logged in. Please
to post a reply or
if you don't already have an account.
Other ZAM Sites
Final Fantasy XI
© 2018 ZAM Network LLC