Important information regarding the Heartbleed bug and Blackbaud Hosting Services

Many of you may have recently heard about the vulnerability named the “Heartbleed bug” (CVE‑2014‑0160) announced by a team of security researchers. This potential security risk affects SSL, the protocol most commonly used to secure transmission of sensitive data on the web, from credit cards to personal information, and the very keys that protects that data.  In this context, we would like to inform you that your Blackbaud Hosting Services products are secure.

More specifically, this vulnerability only affects software that uses the OpenSSL cryptographic libraries, typically based on Linux.  It does not affect all software that uses SSL; only software based on OpenSSL.

Nearly all of the products in Hosted Services do not use the OpenSSL libraries, such as the Gen7 products, Blackbaud Payment and Merchant Services, Netcommunity, ALTRU, and BB CRM, are not affected by this issue.  We have externally tested and validated that the products that may use OpenSSL, including Luminate Online, Team Approach, Donor Direct, and eTapestry do not have this vulnerability.

More information, including the list of products that are not affected, can be found in the Knowledgebase solution, OpenSSL vulnerability CVE-2014-0160 also known as “heartbleed”.

Are you new to the hosting environment or a new administrative user? Sign up for our free Hosting Webinar!