tunnelblick icon Tunnelblick free software for OpenVPN on OS X and macOS We need translators for several languages…
Home Downloads Support Documents Issues Source Contribute Contact

Highlighted Articles
  Installing Tunnelblick
  Uninstalling Tunnelblick
  Setting up Configurations
  Using Tunnelblick
  Getting VPN Service
  Common Problems
  Configuring OpenVPN
  Release Notes
  Thanks
  FAQ

Discussion Group
  Read Before You Post

Frequently Asked Questions About the 2015-01-08 Vulnerability

2015-03-19 Tunnelblick Vulnerability FAQ

What is the problem?

Some versions of Tunnelblick include a version of the OpenSSL library that is vulnerable to several attacks.

For details on the vulnerabilities, see OpenSSL Security Advisory 03 Mar 2015.

How can I protect my computer from these vulnerabilities?

Update to the latest version of Tunnelblick (either the latest stable version or the latest beta version).

Can Tunnelblick Updates Be Compromised by These Vulnerabilities?

No. There is an additional protection built into the Tunnelblick update process: updates are signed with a digital signature. When you update Tunnelblick, the program checks the digital signature.

How can I update to the latest version of Tunnelblick?

You will need your computer's administrator password to update Tunnelblick.

  • If you have Tunnelblick 3.1 or higher, you can use Tunnelblick's built-in update function.
  • You can install the latest version of Tunnelblick (it will install into /Applications).

Note: Users of a Deployed version of Tunnelblick must obtain a new version of Tunnelblick from the person or organization that distributed Deployed. See How can I know if I am using a Deployed version.

How to use Tunnelblick's built-in update function

  • To update from Tunnelblick 3.2beta16 and higher: Launch your current version of Tunnelblick, click on the Tunnelblick icon in the menu bar, click on "VPN Details;", then click on "Preferences", then click on "Check Now" under "Updates". You'll be guided through the update process.
  • To update from Tunnelblick 3.2beta14 and lower, and all 3.1 versions: Launch your current version of Tunnelblick, click on the Tunnelblick icon in the menu bar, click on "Options", then click on "Check for Updates". You'll be guided through the update process.

How to install the latest version of Tunnelblick

  • Download the latest version from the Downloads page and double-click on the downloaded .dmg file. A new window will appear containing a Tunnelblick icon.
  • Double-click on the Tunnelblick icon to be guided through the update process.
  • If your old version of Tunnelblick was not installed in /Applications, you must manually remove it from your computer.

What versions of Tunnelblick have known vulnerabilities?

The following versions have this or other known vulnerabilities:

  • All 3.5 versions before 3.5beta08 (build 4236)
  • All other versions before 3.4.4 (build 4055.4236)

What version of Tunnelblick do I have?

  1. Find Tunnelblick.app (it is usually in the /Applications folder).
  2. Click on Tunnelblick.app to select it
  3. Click "File", then "Get Info". A window will appear with (among other things) version information.

If there is no version information, it is Tunnelblick version 3.0b9 or earlier.

Am I Using a Deployed Version?

Note: If you try to install Tunnelblick 3.2beta22 or higher on a computer that has a Deployed version of Tunnelblick, an error message will be displayed and the installation will not be performed.

  1. Find Tunnelblick.app (usually it is in /Applications)
  2. Control-click on Tunnelblick.app and click on "Show Package Contents"
  3. Double-click on "Contents"
  4. Double-click on "Resources"

If a "Deploy" folder exists in "Resources", you are using a "Deployed" version of Tunnelblick.

Are there any exploits?

Unknown as of the date of this posting (2015-03-19).

Do I need to be running Tunnelblick to be vulnerable?

Yes.

  Deutsch     Français     中文(简体)     Русский     Español     日本語     …