The vulnerability involves a serious bug in OpenSSL, the technology that powers encryption for two-thirds of web servers. It was revealed Monday by a team of Finnish security researchers who work for Codenomicon, a security company in Saratoga, Calif., and two security engineers at Google.
Researchers are calling the bug “Heartbleed” because it affects the “heartbeat” portion of the OpenSSL protocol, which pings messages back and forth. It can and has been exploited by attackers