HeartBleed Update

BrightSign and the Heartbleed Vulnerability

This statement is related to the recent Heartbleed vulnerability with OpenSSL and its potential effect on BrightSign products.

BrightSign Players

BrightSign players do not use OpenSSL to communicate with the BrightSign Network (or remote web servers if set up for Simple File Networking), nor do they use OpenSSL to retrieve HTML resources from remote locations. Therefore, the players themselves were at no time vulnerable to attacks.

BrightSign Network

Several of the BrightSign Network servers use OpenSSL to communicate with players, BrightAuthor, and web browsers (via the WebUI). All servers were patched, fixing the OpenSSL vulnerability, by the end of Saturday, April 12th (PDT).

If you have sensitive information on your BrightSign Network account, we recommend changing your account password (by logging in to the BrightSign Network, clicking on the Account tab, and entering information into the Password Reset fields).

Have more questions? Submit a request

3 Comments

  • 0
    Avatar
    Martin

    My web browser started giving me this error when trying to go to Brightsignnetwork.com

     

    (Error code: sec_error_revoked_certificate)

  • 0
    Avatar
    Alex

    What web browser are you using? Please repeat the test and confirm if the problem still exists.

  • 0
    Avatar
    BrightSign Support Manager

    Martin,

    We updated the SSL certs yesterday. A small number of users were impacted while the update was going on. Everything is back up and running normally.

Please sign in to leave a comment.
Can't find what looking for? Try to
Powered by Zendesk