Forum Discussion
SScholz
Nov 21, 2022Copper Contributor
Help with CVE-2022-3602 OpenSSL
Dear all,
Microsoft Defender displays a notification for one device, see attachment. As I am no IT-specialist I checked all available information what to do. But so far I could not find any understandable information, how to detemine, where are changes to make or updates necessary. Can anyone help?
- HeikeRitter
Microsoft
If you click on "Sicherheitsempfehlungen" within the CVE page (your right screenshot), there should be the info to update the application.
Based on one of our blogs, you should update to a higher version: https://techcommunity.microsoft.com/t5/microsoft-defender-vulnerability/reduce-openssl-3-0-vulnerabilities-risks-with-microsoft-defender/ba-p/3668567
also the NVD has more information if needed:
https://nvd.nist.gov/vuln/detail/CVE-2022-3602- SScholzCopper Contributor
HeikeRitter thanks for your recommendations. I already checked it and all it says is to "Update Openssl". So I searched a variety of locations where it could be used but nothing appeared to me. So do you have any suggestions how to find the location of "Openssl" or how to update it in general? Thanks in advance.
- HeikeRitter
Microsoft
I found this page here- maybe you can have a look?
https://kb.firedaemon.com/support/solutions/articles/4000121705-openssl-3-0-and-1-1-1-binary-distributions-for-microsoft-windows