[posttv url="http://www.washingtonpost.com/posttv/business/technology/heartbleed-bug-puts-internet-security-at-risk/2014/04/10/99ddf5ce-be57-4f13-a62f-a0e05dc31cf9_video.html" ]
Fears about the "Heartbleed" bug compromising the security of web traffic have led the Canada Revenue Agency to temporarily restrict online filing and other features, but the U.S. Internal Revenue Service says it is not vulnerable to the problem.
Heartbleed sent information technology professional scrambling to update their systems when it came to light Monday. The issue is a code bug affecting a feature called "heartbeat" in versions of the crypto code library OpenSSL used in the past two years. Due to a flaw in the code, an attacker can request a flash of the data reserved on server memories -- information that could include the security keys used to encrypt private data on the network or things like passwords of credit card numbers.
It's hard to pinpoint just how many Web sites are affected, but major companies like Yahoo and Amazon required updates and the library is widely relied upon across the Internet to secure e-commerce and communication. A fix is now available, but must be applied by each property affected.
CRA froze online activities earlier today, citing fears about the Heartbleed bug. "As a preventative measure, the CRA has temporarily shut down public access to our online services to safeguard the integrity of the information we hold," the agency said in a statement posted to its Web site.
The annual tax deadline in Canada is April 30 and the CRA appears to be aware it may be interrupting some filers' plans -- although it was very polite about the situation. "Please note that consideration will also be given to taxpayers who are unable to comply with their filing requirements because of this service interruption."
But fear not, U.S. taxpayers, the IRS says its systems aren't affected by the issue. "The IRS continues to accept tax returns as normal," an IRS spokesperson told the Post in a statement, adding, "We are not aware of any security vulnerabilities related to this situation." While the agency said it will keep an eye on the issue and stay in touch with its software partners, it "advises taxpayers to continue filing their tax returns as they normally would in advance of the April 15 deadline."