We have developed an AutoCAD Security Hotfix for AutoCAD 2015, AutoCAD LT 2015, AutoCAD 2015-based industry-specific products, and other AutoCAD 2015-based products, to address the Heartbleed vulnerability.
Autodesk has developed product patches or updates to address the Heartbleed vulnerability. They will be available beginning May 2. Check back here, or look for information on product forums, for download instructions. For users who rely on LiveUpdate, you will be pushed the patch automatically.
Your security is our priority. While we have taken all known remediation steps to address the Heartbleed vulnerability, out of caution, we strongly recommend that you change your password for our online services. If you use the same user ID or password on other sites, we recommend that you change those passwords as well. In addition, we will release a patch for our affected desktop products. We will update this page as more information is available.
While Autodesk has taken all known remediation steps for our products, new information about the broad nature of the Heartbleed vulnerability could mean certain third-party components and services used in our products still could be susceptible to Heartbleed. We continue to monitor the situation and work closely with all of our third-party service providers to ensure all possible remediation steps are taken. Please check here for continued updates and recommendations.
We know Autodesk customers are worried about the Heartbleed OpenSSL vulnerability and are concerned about the safety of their data and passwords. We are too.
Based on our information and activities, we can confirm that the following Autodesk services are not vulnerable to Heartbleed:
Our customers’ security is of the utmost concern to Autodesk. We continue to investigate the issue and will provide additional updates and information as available. Check back here for updates.