I came across a difference between a source file t1_lib.c in OpenSSL between version 1.0.1g and version 1.0.1e, which is the critical file that had the HeartBleed security problem. This is file is only for TLS1.0. From the picture below, can you figure out which version(1.0.1e) has the HeartBleed problem, and which doesn’t(1.0.1g)? How does the HeartBleed problem work?
Here is a blog from the CVP of Microsoft Trustworthy Computing, and a change is undergoing now!
http://blogs.microsoft.com/cybertrust/2014/09/22/looking-forward-trustworthy-computing/
If I read it correctly, this is going to get security operation practices as quick as internet, as fast as services updates, comparing to what we had before for large cycles of Windows. I hope it is good for me!
Rick Xu Technology Blog 