Oracle's Critical Patch Update (CPU) plugged 37 holes in the popular Java browser plug-in.
Researchers proved the Heartbleed bug was real in a challenge issued by CloudFlare to prove private keys can be stolen, right around the time companies are claiming they were breached because of the critical flaw.
The permissions issue could allow a malicious app to alter legitimate home screen icons.
Disruption is expected; financial crime should be, too.
It's how you handle yourself during and after a breach that will determine just how detrimental the breach actually is for your organization.
Bloomberg reported on Friday that the National Security Agency (NSA) was aware of the SSL/TLS encryption-breaking Heartbleed bug for at least two years before the now infamous flaw caught the attention of the world earlier this week. Shortly after, on its public affairs Twitter account, the NSA said it was not aware of the vulnerability until it was made public.