The Heartbleed virus is the latest in a series of viruses that steal all of your personal information, and its widespread enough that it can be considered an epidemic. In this day and age, a computer virus is just as annoying as a biological virus. So, what is it, and what can you do to protect yourself from it?
The Heartbleed bug is a bug in the open-source cryptography library, OpenSSL, which allows an attacker to read the memory of a server or a client, allowing them to retrieve, for example, a server's SSL private keys. Examinations of audit logs appear to show that some attackers may have exploited the flaw for 5 months before it was rediscovered and published. On April 7, 2014, it was announced that OpenSSL 1.0.2-beta, as well as all versions of OpenSSL in the 1.0.1 series prior to 1.0.1g had a severe memory handling bug in their implementation of the TLS Heartbeat Extension. This defect could be used to reveal up to 64 kilobytes of the application's memory with every heartbeat. Its CVE number is CVE-2014-0160.
The bug is exercised by sending a malformed heartbeat request to the server in order to elicit the server's memory response. Due to a lack of bounds checking, the affected versions of OpenSSL never verified that the heartbeat request was valid, allowing attackers to bring about inappropriate server responses.
This application gets you the info you need to fix this issue.