As a side-effect of the so-called “Hearthbleed bug“, thousands of companies offering services over SSL connections are now scrambling to patch their software.
Among them are several domain registrars; yesterday, we published a list of those that might have been affected, including those that are now patched.
Dynadot was listed as a patched domain registrar, that also changed their SSL certificate.
They sent out this report via email:
Dear [customer]
We wanted to contact you regarding the recent Heartbleed OpenSSL security bug. We have already patched our website and updated our SSL certificate. Our site has been deemed safe and we will continue to monitor the situation closely to ensure account safety. However, we do recommend changing your account password as a precaution. See our help file on how to change your password and check out our password tips.
If you are an SSL or a VSP customer of ours, you should have already received an email from us with information about Heartbleed and what you can do to protect your website. If you did not receive this email, please contact us at info@dynadot.com and we would be happy to resend the information to you.
You can read more about Heartbleed on our blog. We will continue to update this post should there be any additional changes.
To get started with changing your password, please log in.
Best Regards,
Team Dynadot
dynadot.com
This post is 100% true!
Btw…Moniker appeared on your ‘Vulnerable’ list yesterday, so I sent them a message re Heartbleed bug, asking when they will patch it…
They replied today, saying that they are NOT vulnerable to the Heartbleed bug…They say they don’t use the OpenSSl version that has the vulnerability.
Voltaire – The list came from DNForum verbatim, it is not mine.