The OpenSSL team announced seven vulnerabilities covering OpenSSL 0.9.8, 1.0.0, 1.0.1 and 1.0.2 (i.e. all versions) earlier today.
The most serious of these is a potential man-in-the-middle attack CVE-2014-0224 which is being referred to as CCS Injection. Both Google's Adam Langley and the original reporter of the problem have write ups that give more technical detail.
Host 99 technicians will be applying the required patch to all Host 99 servers to insure all servers, websites, accounts that use SSL are protected against CVE-2014-0224 and all the other vulnerabilities announced today. Everyone who uses OpenSSL in their software or on their server should upgrade as soon as possible; the OpenSSL team has released new versions today and Host 99 is implementing these patches immediately.
During this time all websites, accounts should not experience any downtime. In any case if performance shows sign of being slow or lagging. This is the reason for that. We do understand the importance of performance and we will work as fast as possible to insure all servers are protected and downtime is minimal if any.
We do appreciate your patience during this time.
