Bitcoin Forum

I notice a lot of coins have still not issued an update.

I have been told various things when asking about it. One of which is that unless you activated some option in the windows qt that it is a non issue. If you just used the default settings then this didn't matter at all? 

Was this a non issue for most anyway? or should they all be updating with this bug fixed?

It is a huge security issue. However, the amount of people in this world that can actually pull it off is quite minimal, there will be systems designed to use the bug more optimally in the coming months in order to steal private information.

so it is an issue for the windows qt users even in default mode? the people telling me it is only an issue if the open ssl option was activated are giving me incorrect information?

There are so many options for this exploit, everything that uses openssl is exposed this is even IRC. Anything when using ftp with ssl encryption etc. Basically if openssl is used in any programme and it's activated (actively used). From my understanding it is open for users to decipher private information. It's hard not to scare people with this exploit but the capacity of people to actively start harvesting information at this point is quite negligible. Definitely change your passwords though until sites and software update their openssl platforms to the fixed version.

If you take anything away from this: assume the worst, change all your passwords.

Also it's a concerted effort, educate the websites etc that you use and tell them they need to upgrade/ or switch to an alternative:

https://www.openssl.org/news/secadv_20140407.txt (https://www.openssl.org/news/secadv_20140407.txt)

Just normal users using windows qt will not be harmed with this security exploit.
Windows QT don't event use SSL connection default.