Support Information

Support Message Board

• 'WannaCry Ransomware' Vulnerability News Update
  May 15, 2017

  The 'WannaCry' ransomware attack, targeting the Windows operating system, encrypts the victim computer's data, and attempts to exploit the SMB vulnerability to spread laterally to computers on the same network.

  Global Relay systems are patched against this vulnerability.

• Archive Message Board
  'CloudBleed' Vulnerability News Update - Feburary 24, 2017

  ×

  'CloudBleed' Vulnerability News Update - Feburary 24, 2017

  The ‘CloudBleed’ bug is a vulnerability that exposes sensitive information, such as authentication tokens or HTTP cookies on systems hosted by Cloudflare. Global Relay does not host services with Cloudflare.

  Global Relay has investigated the exposure of this bug and has determined that it does not affect any of Global Relay services.

  'Drown’ SSL Vulnerability News Update - March 2,2016

  ×

  'Drown’ SSL Vulnerability News Update - March 2,2016

  'Drown' is a critical vulnerability affecting SSL v2 that allows a malicious actor to intercept, modify, and/or view encrypted traffic. The common vulnerability exposure number is CVE-2016-0800.

  As of March 2, 2016, Global Relay has patched its Internet-facing services to protect against this vulnerability.

  'Ghost' System Vulnerability News Update - Feb 5,2015

  ×

  'Ghost' System Vulnerability News Update - Feb 5,2015

  'Drown' is a critical vulnerability affecting SSL v2 that allows a malicious actor to intercept, modify, and/or view encrypted traffic. The common vulnerability exposure number is CVE-2016-0800.

  As of March 2, 2016, Global Relay has patched its Internet-facing services to protect against this vulnerability.

  'Winshock' System Vulnerability News Update - Nov 19,2014

  ×

  'Winshock' System Vulnerability News Update - Nov 19,2014

  ‘Winshock’ is a widespread, remotely exploitable, vulnerability that has recently been discovered in the Windows environment. The common vulnerability exposure tracking number is CVE-2014-6321 and the Microsoft security bulletin is MS14-066. As of November 18, 2014, 100% of the systems that provide Global Relay’s Internet-facing services have been patched for this vulnerability.

  'Shellshock' System Vulnerability News Update - Oct 15, 2015

  ×

  'Shellshock' System Vulnerability News Update - Oct 15, 2014

  Shellshock' is a widespread, remotely exploitable, vulnerability that has recently been discovered in the common UNIX shell called Bash.

  As of October 10, 2014, 100% of the systems that provide Global Relay’s Internet-facing services have been patched for the following vulnerabilities:

  CVE-2014-6271
  CVE-2914-6277
  CVE-2914-6278
  CVE-2914-7169
  CVE-2914-7186
  CVE-2914-7187

  SSL 3.0 Fallback (aka ‘POODLE’) Vulnerability Notice - Oct 15, 2015

  ×

  SSL 3.0 Fallback (aka ‘POODLE’) Vulnerability Notice - Oct 15, 2014

  Global Relay has been made aware of a vulnerability in the SSL 3.0 protocol, which has been assigned CVE-2014-3566. All implementations of SSL 3.0 and earlier are affected. The vulnerability does not affect the newer encryption mechanism known as Transport Layer Socket (TLS).

  To mitigate this vulnerability, Global Relay has disabled SSL in all of its browser-facing interfaces. Customers connecting to Global Relay’s services using very old browsers, for example, Internet Explorer version 6, will be impacted. Customers that are using current browsers are not impacted.

  Please contact Global Relay Support if you have any questions.