GTM-TJ8GRDF
Skip to main content

SERVICE FACTS

OPENSSL VULNERABILITY - THE “HEARTBLEED” BUG EFFECT ON CLIENT COMPUTING DEVICES

PROBLEM / QUESTION

A significant and serious security vulnerability, known as Heartbleed has been identified in the popular OpenSSL cryptographic protocol that affects Secure Socket Layer (SSL) and Transport Layer Security (TLS) encryption.

Many users now are concerned about the security of Fujitsu software and services and need to know whether or not action is required in order to restore secure communication.

This SupportBulletin is intended to answer the most common questions regarding the effect of the Heartbleed bug on Fujitsu client computing device software and services.

AFFECTED AND UNAFFECTED PRODUCTS

The following Fujitsu CCD products are affected:
  • STYLISTIC M532 (only with Android 4.1.1)
  • CELVIN NAS (Q600, Q700, Q800, Q802, Q902, QR802, Q703) (only with FW 4.0.5)
The following Fujitsu CCD products are not affected:
  • FUJITSU PC ESPRIMO Axxx, Cxxx, Exxx, Pxxx, Qxxx & Xxxx
  • FUJITSU workstation CELSIUS Wxxx, Mxxx, Rxxx & Cxxx
  • FUJITSU thin client FUTRO FUTRO Axxx, Sxxx, Xxxx, Lxxx & Zxxx
  • FUJITSU notebook LIFEBOOK A/AHxxx, Uxxx, Pxxx, Exxx & Sxxx
  • FUJITSU Tablet LIFEBOOK Txxx, STYLISTIC Qxxx, M702
  • Client Computing Device Software
  • All other Fujitsu client computing devices that are not listed under “Affected”.

SOLUTION / WORKAROUND

STYLISTIC M532 (only with Android 4.1.1)

STYLISTIC M532 (Android 4.1.1 / Jelly Bean) is affected by the Heartbleed bug.
For this model an update of the operating system (Android 4.1.1 / Jelly Bean) is under development and expected to be available (finish Google CTS test) on June 2, 2014.
STYLISTIC M532 running under Android 4.0.3 / Ice Cream Sandwich are not affected.

The Update can be downloaded on the Fujitsu technical support page:
http://support.ts.fujitsu.com/Download/Index.asp
The update of operating system for STYLISTIC M532 should be done according the user manual / installation description.

CELVIN NAS (Q600, Q700, Q800, Q802, Q902, QR802, Q703) (only with FW 4.0.5)

All NAS Server with firmware (FW) 4.0.5 are affected by the Heartbleed bug.
The new firmware (4.0.7) for all CELVN NAS models will be available from April 24, 2014 on.
Firmware versions below 4.0.5 (e.g. 3.8.3) are not affected.

For all CELVIN NAS, a new FW (4.0.7) is released and will be available on the Fujitsu technical support page:
http://support.ts.fujitsu.com/Download/Index.asp
The update of firmware for CELVIN NAS should be done according the user manual.

Important note:
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. FUJITSU RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. FUJITSU EXPECTS TO UPDATE THIS DOCUMENT AS NEW INFORMATION BECOMES AVAILABLE.

Last Update: 30.04.2014