Version 1.4.8 of Viscosity for both Mac and Windows is now available! This version addresses the recent OpenSSL "Heartbleed" security vulnerability, and all users are strongly advised to update to this release as soon as possible.
The OpenSSL "Heartbleed" bug is a very serious vulnerability in versions 1.0.1 to 1.0.1f of OpenSSL. OpenSSL is OpenVPN's default library for providing encryption services and hence OpenVPN users are exposed to this flaw. While it is more difficult for an attacker to target an OpenVPN client than a server, it could still potentially allow an attacker to obtain session keys and decrypted data and so it should be treated seriously. Version 1.0.1g of OpenSSL fixes this flaw and this is the version included with Viscosity 1.4.8.
For more information regarding the OpenSSL "Heartbleed" bug please visit The Heartbleed Bug website. For further information on how this bug can affect OpenVPN users please visit the OpenVPN Community Wiki Page.
Version 1.4.8 Mac Release Notes:
Version 1.4.8 Windows Release Notes:
The 1.4.8 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.