AdminThe threat surface is very similar to Heartbleed - only the management port (which uses openssl) and users of the COMPAT ciphers in the dataplane. In our most recent survey, less than 1% of customers use those.
Possible iRule for extra credit: Because the attack appears to involve the use of an additional ChangeCipherSpec (CCS) message within in handshake, one could conceivable write an iRule that looked for this and then discarded the connection. Look to the Heartbleed iRules as a template.
For a very detailed explanation of 0224, here is a post Adam Langely from Google: https://www.imperialviolet.org/2014/06/05/earlyccs.html
