Recently, a white paper describing practical attacks on 64-bit block ciphers was published. This attack may allow the extraction of plain text from encrypted communication data, such as cookies that the browser uses to authenticate users.
64-bit block ciphers have long been considered unsafe, but can provide performance improvements, making them the choice of some VPN providers. We want to make it clear that we are not affected by this vulnerability anywhere within our infrastructure. Our choice of AES-256-GCM - the strongest possible encryption has not been proved to be vulnerable. OVPN has always chosen to prioritize security above all else because older technologies often turn out to be more vulnerable than new ones.
Our customers are not affected by this and do not need to take any action, but we do recommend updating the operating system if you're still using Windows XP.