Posted by: Tracey Pretorius, Director, Trustworthy Computing
On April 8, 2014, security researchers announced a flaw in the OpenSSL encryption software library used by many websites to protect customers’ data.
2014年5月8日,安全研究人員公佈了為了保護客戶資料使用了OpenSSL,而OpenSSL使用函式庫中有許多網站功能的函式有漏洞。
The vulnerability, known as “Heartbleed,” could potentially allow a cyberattacker to access a website’s customer data along with traffic encryption keys.
這個漏洞叫"Heartbleed",此漏洞會有潛在允許網路攻擊者透過加密的鑰匙存取網站客戶資料的風險。
After a thorough investigation, we determined that Microsoft Services are not impacted by the OpenSSL “Heartbleed” vulnerability. In addition, Windows’ implementation of SSL/TLS was not impacted.
徹底的調查後,我們有決心說微軟的服務並沒有受到"Heartbleed"漏洞的影響。除此之外,Windows的作業系統若使用SSL/TLS的話,在這次的災害中,也是沒有任何影響的。
Microsoft always encourages customers to be vigilant with the security of their online accounts, change their account passwords periodically and to use complex passwords. More information on how to create strong passwords is available here: Microsoft Security & Safety Center: Create strong passwords.
微軟總是提醒客戶要對自己的線上帳戶時時警惕,定期改變他們的帳號密碼,並且使用複雜度密碼。如何創造較強的密碼可以到下列網址。Microsoft Security & Safety Center: Create strong passwords
https://www.microsoft.com/security/pc-security/password-checker.aspx
ref : Microsoft Services unaffected by OpenSSL "Heartbleed" vulnerability - Microsoft Security Blog - Site Home - TechNet Blogs
其實我是在練習翻譯,好久沒看英文,好吃力...
沒有留言:
張貼留言