Oh great: Is this new OpenSSL flaw worse than Heartbleed?
Much vulnerability, wow
The Heartbleed flaw discovered in OpenSSL was one of the worst web vulnerabilities in history, but believe it or not it may have already been dethroned.
Even more incredible is the fact that once again, OpenSSL may be to blame.
The "CCS Injection Vulnerability" was discovered by Tatsuya Hayashi, who said it "may be more dangerous than Heartbleed," according to The Guardian.
Attackers can reportedly use this weakness to intercept and even alter data passing between computer and websites in a classic man-in-the-middle maneuver as long as they're on the same network, like a public Wi-Fi hub.
- These are the best SSL certificate services on the market
Hopelessly flawed
The flaw was reportedly introduced into the OpenSSL encryption standard 16 years ago, when OpenSSL was introduced in 1998, but it's only just been discovered.
It affects all past versions of OpenSSL and servers running OpenSSL 1.0.1 or the beta version for 1.0.2.
Meanwhile it's not even the only flaw to be uncovered this week; another allowed hackers to send malicious code to machines running OpenSSL. This flaw was reportedly added four years ago by Robin Seggelmann, the same dev who created Heartbleed.
Get the best Black Friday deals direct to your inbox, plus news, reviews, and more.
Sign up to be the first to know about unmissable Black Friday deals on top tech, plus get all your favorite TechRadar content.
The OpenSSL open source project has already issued a patch, but this newest discovery has nevertheless revived the question of whether it's time to kill OpenSSL once and for all.
- You may want to check TechRadar's list of the best free antivirus software
Michael Rougeau is a former freelance news writer for TechRadar. Studying at Goldsmiths, University of London, and Northeastern University, Michael has bylines at Kotaku, 1UP, G4, Complex Magazine, Digital Trends, GamesRadar, GameSpot, IFC, Animal New York, @Gamer, Inside the Magic, Comic Book Resources, Zap2It, TabTimes, GameZone, Cheat Code Central, Gameshark, Gameranx, The Industry, Debonair Mag, Kombo, and others.
Micheal also spent time as the Games Editor for Playboy.com, and was the managing editor at GameSpot before becoming an Animal Care Manager for Wags and Walks.