Lindsay Lamb

Pharos Product Update: Heartbleed Announcement

Blog Post created by Lindsay Lamb on Apr 16, 2014

At Pharos, we understand and share your concerns about the software products you use and the manner in which they should function within your environment. In light of the Heartbleed security vulnerability recently exposed in the OpenSSL cryptography library, we have thoroughly reviewed our product lines.  We are pleased to announce that our engineers have not uncovered any vulnerability in the Uniprint, Blueprint, MobilePrint, and our cloud-based product lines, which do not use OpenSSL.

While our Omega terminal products do use OpenSSL, the majority of these use an earlier version of OpenSSL that does not have the Heartbleed vulnerability. In one custom configuration limited to a single customer, the vulnerable version of OpenSSL has been found.  Following the recommendations of the Open SLL Software Foundation, Pharos is working closely with this customer to resolve the limited risk situation with an update to their firmware, which is already being tested in the customer’s environment. 

Rest assured that Pharos is committed to the resolution of any security concerns of our customers and partners.