There is no sign of the exploitation of the bug said Cloudfare. However, it will be better to stay protected they added. Following is the description of the bug and what precautionary measure is to be taken.
What is the bug all about?
The bug is called Cloudbleed. When it encountered a poorly constructed HTML website, data from other websites can leak onto those sites using the Cloudfare’s program, which will make the data easy to read. According to a blog from Cloudfare’s CEO Graham-Cumming the bug impacted most in between February 13-18. A report mentioned that the seriousness of the bug has led to the formation of a cross-functional squad from infosec, software engineering and operations formed in London and San Francisco to abundantly understand the core cause, to understand the effect of the memory leak, and to work with Google and other search engines to eradicate any cached HTTP responses.
What type of sites are impacted by the Bug?
There are quite a few websites that are been listed. However, the major point to keep in mind is that the bug searches for the use of Cloudfare in websites. Fitbit, Uber, and Medium are a few to be named.
What should users do to protect themselves?
Changing the password will do the trick. Use a proper password protocol and don’t use thesame password for all sites.