Heartbleed Bug Issue
Update: May 1, 2014 @ 2:30PM PDT
All My Cloud products now have firmware updates available
that address the Heartbleed Bug vulnerability. These updates also can be obtained through the firmware update mechanism found in the Dashboard of your My Cloud device. We strongly encourage every My Cloud owner to update the firmware of their device immediately.
WD recommends you follow an additional process, outlined here, for further protection of your My Cloud device. Although highly unlikely, in the event that your device had been compromised by a cyber intruder via the Heartbleed Bug prior to application of the firmware update, your device may remain vulnerable. We have determined that this manual process is more secure than an automated process for proper installation and would re-generate needed authentication of connected phones, tablets and computers.
We apologize for any inconvenience this may cause you. Please contact WD Support should you need assistance in this matter.
Update: April 22, 2014 @ 3:30PM PDT
Solutions to the Heartbleed Bug for WD Arkeia products have been posted here:
Update: April 18, 2014 @ 4:00PM PDT
We have begun making available My Cloud product family firmware solutions to address the Heartbleed Bug. Check here for downloads for your model as they become available.
Please keep in mind that due to the security configuration for your My Cloud device as a personal cloud (versus a public cloud), there may be an additional process to address the security for your content in the future. In the very unlikely event your My Cloud drive had been compromised due to the Heartbleed Bug prior to applying the WD-provided firmware update, we are developing an automated security certificate process for availability, but if you prefer to address this issue now, please contact WD Support.
Update: April 17, 2014 @ 8:00PM PDT
We continue working on solutions to the Heartbleed Bug for My Cloud products. In addition, WD Arkeia products may be vulnerable to the Heartbleed Bug, and we’ll post a solution as soon as we can provide that for you.
Update: April 10, 2014 @ 12:30PM PDT
Highly publicized recently, the Heartbleed bug is a serious vulnerability in the popular OpenSSL encryption software, which is widely used to secure Web-based communications and services. We have confirmed that WD servers enabling remote access to its personal cloud products are unaffected, as are My Book Live devices. My Cloud models may be vulnerable; we’re quickly working on a solution and will post information as it becomes available. While single-user storage devices are unlikely targets versus large Web services reported to have intrusions, click here
for instructions on how to disable remote access as a temporary workaround to address this issue. Please contact WD Support
if you need help or have questions.
WD Customer Service Team