Altair Unaffected by Heartbleed Virus

By now, you have probably heard about “Heartbleed“, a security vulnerability that has affected a majority of the web sites across the Internet, as well as many enterprise software products.

Altair takes computer security very seriously (e.g., PBS Professional is the only EAL3+ security certified HPC workload manager) — so when we found out about Heartbleed, we immediately started a thorough review and analysis of all our products and services to identify any vulnerability points.

We have found that all versions of the following products and services are safe and were never vulnerable to Heartbleed:
• PBS Professional
• PBS Application Services (PAS)
• PBS Analytics
• Compute Manager default configuration, all versions
• Compute Manager Results Visualization (RVS)
• Compute Manager Touch (for iOS)
• Display Manager
• Simulation Manager
• Access Management Service (AMS)
• e-Compute
• PBS Desktop
• Altair Licensing (ALMS)
Altair Connect — our new customer portal that includes an extensive knowledge base
Altair Online Store — site for buying select Altair software products
PBS Works User Area — site for downloading PBS software and generating PBS license keys
• HyperWorks On-Demand
• HyperWorks Unlimited

The following products and services have vulnerabilities only under very specific configurations as follows:

• Compute Manager, if specifically configured with “Load Balancing” in versions 12.0.0 through 12.0.3, is vulnerable:
­- Load Balancing is an advanced configuration for very large sites that supports hundreds of simultaneous users
– The only affected component is the included Load Balancer service
– Customers with this installation will receive patch notification as soon as it is qualified and released
– If you have used this configuration, Altair recommends upgrading to a later Compute Manager Load Balancing component release, then replacing the SSL keys in use and then changing all the passwords in use within the Compute Manager complex

• Altair Hosted HyperWorks Units (HHWU) service was vulnerable in the past:
– Altair’s HHWU service is now patched and safe
– If you have authorized any machines using the HHWU system, you should log in to Altair Connect and re-authorize those machines
– Note: No customer identifiable information or user passwords are stored in the HHWU system

If you have any questions or concerns, please don’t hesitate to contact your local Altair account manager or email us at

Be safe out there,

– bill

Bill Nitzberg, CTO, PBS Works, Altair

PS: For a succinct (and fun) explanation of the Heartbleed bug, I recommend XKCD’s.

Bill Nitzberg
Latest posts by Bill Nitzberg (see all)
Bill Nitzberg

About Bill Nitzberg

Dr. Bill Nitzberg is the CTO of PBS Works at Altair Engineering, Inc. With over 30 years in the computer industry, spanning commercial software development to high-performance computing research, Dr. Nitzberg is an internationally recognized expert in parallel and distributed computing. Dr. Nitzberg has served on the board of the Open Grid Forum, he co-architected NASA’s Information Power Grid, edited the MPI-2 I/O standard, and has published numerous papers on distributed shared memory, parallel I/O, PC clustering, job scheduling, and cloud computing. In his spare time, Bill tries to reduce his pack weight for his long-distance hiking trips.