By Danny Yadron <\/p>\n
The encryption bug that has the Internet on high alert also affects the equipment that connects the Web. <\/p>\n
Cisco Systems Inc. \/quotes\/zigman\/20039\/delayed\/quotes\/nls\/csco CSCO -2.03% and Juniper Networks Inc. \/quotes\/zigman\/202982\/delayed\/quotes\/nls\/jnpr JNPR -1.82% , two of the largest manufacturers of network equipment, said Thursday that some of their products contain the Heartbleed bug, meaning hackers might be able to capture user names, passwords and other sensitive information as it moves across corporate networks, home networks and the Internet. <\/p>\n
Many websites -- including those run by Yahoo Inc. \/quotes\/zigman\/59898\/delayed\/quotes\/nls\/yhoo YHOO -4.22% , Amazon.com Inc. \/quotes\/zigman\/63011\/delayed\/quotes\/nls\/amzn AMZN -4.43% and Netflix Inc. \/quotes\/zigman\/87598\/delayed\/quotes\/nls\/nflx NFLX -5.18% -- quickly fixed the hole after it was disclosed Monday. But Cisco and Juniper said the security flaw affects routers, switches and firewalls used in businesses and at home. <\/p>\n
These devices likely will be more difficult to fix. The process involves more steps and businesses are less likely to check the status of network equipment, security experts said. <\/p>\n
Bruce Schneier, a cybersecurity researcher and cryptographer, said, The upgrade path is going to involve trash can, a credit card, and a trip to Best Buy. <\/p>\n
To be sure, the products available at retail stores now likely were shipped before the bug was revealed on Monday, and may also contain the defective software, from an encryption code known as OpenSSL. <\/p>\n
Companies often use firewalls and virtual private networks to protect their computer systems. But if the machines that run the firewalls and virtual private networks are affected by the Heartbleed bug, attackers could use them to infiltrate a network, said Matthew Green, an encryption expert at Johns Hopkins University. <\/p>\n
Read the full article at WSJ.com. <\/p>\n
More From MarketWatch: <\/p>\n
<\/p>\n