Notification of OpenSSL vulnerability
Dear our valued customers,
Thank you very much for you continued patronage of Konica Minolta products.
Various media have reported that a security bug ("Heartbleed") has been found in OpenSSL, a cryptographic communication of open source libraries used in Internet communication.
Konica Minolta has been verifying the usage conditions and safety of OpenSSL (technology) in our business information products, and investigation has been completed for the following products.
About TWAIN driver update
We have verified the use of the target OpenSSL version with the TWAIN driver for scanning.
But as its mechanism only connects to MFPs, we have had a security-related third-party evaluation organisation confirm that it is not affected by the indicated vulnerability this time.
However as a precaution, Konica Minolta will provide an updated version of the TWAIN driver on the below Website from 19 April 2014. We apologise for the inconvenience, but replacing the current version of the TWAIN driver with the updated version will be securer.
- Target software
"KONICA MINOLTA TWAIN driver for Windows XP/Vista/7/8"
Target versions: Ver. 4.0.06000 (released around April 2013) to Ver. 4.0.12100 (common with HDD TWAIN driver)
- Release of updated version
Availability: From 19 April 2014
Product name: "KONICA MINOLTA TWAIN driver for Windows XP/Vista/7/8 (common with HDD TWAIN driver)" (Ver. 4.0.13100)
We will continue to inform the latest status regarding this issue on our Website on an ongoing basis.
We will also continually gather information regarding security vulnerability and take appropriate actions.
biz.konicaminolta.com Website Management Team
Konica Minolta, Inc.
18 April, 2014
25 April, 2014 (update)