We appreciate your patience while our security team investigated this issue. After an intensive system-wide review, we have confirmed that many (mt) Media Temple services were never affected by the Heartbleed vulnerability.
Services that were not vulnerable:
* (dv) 4.0 Server
* (dpv) Nitro
Services that were vulnerable:
* Premium WordPress
Shortly after the vulnerability was exposed, our team updated the OpenSSL library on Premium WordPress.
Customers whose DV Servers were patched received a support request and an email outlining the changes made to the OpenSSL packages on their servers. Patched servers were rebooted in order to ensure the threat was nullified.
DV Developer and (ve) servers may have been affected, depending on which version of OpenSSL is installed. Customers using OpenSSL should update their servers in order to protect themselves from the Heartbleed bug described in CVE-2014-0160
. Every DV Developer and (ve) customer received a notice regarding the update process for their OS distribution.
As an added precaution, we recommend that you update any passwords or keys (e.g. your SSL certificates) after OpenSSL has been patched or updated. If your server was affected and your SSL certificate was purchased through (mt) Media Temple, please submit a support request
if you would like to obtain a re-keyed SSL certificate.