Forum Discussion
Help with CVE-2022-3602 OpenSSL
Dear all, Microsoft Defender displays a notification for one device, see attachment. As I am no IT-specialist I checked all available information what to do. But so far I could not find any understa...
HeikeRitter
Microsoft
MicrosoftIf you click on "Sicherheitsempfehlungen" within the CVE page (your right screenshot), there should be the info to update the application.
Based on one of our blogs, you should update to a higher version: https://techcommunity.microsoft.com/t5/microsoft-defender-vulnerability/reduce-openssl-3-0-vulnerabilities-risks-with-microsoft-defender/ba-p/3668567
also the NVD has more information if needed:
https://nvd.nist.gov/vuln/detail/CVE-2022-3602
Based on one of our blogs, you should update to a higher version: https://techcommunity.microsoft.com/t5/microsoft-defender-vulnerability/reduce-openssl-3-0-vulnerabilities-risks-with-microsoft-defender/ba-p/3668567
also the NVD has more information if needed:
https://nvd.nist.gov/vuln/detail/CVE-2022-3602
HeikeRitter thanks for your recommendations. I already checked it and all it says is to "Update Openssl". So I searched a variety of locations where it could be used but nothing appeared to me. So do you have any suggestions how to find the location of "Openssl" or how to update it in general? Thanks in advance.
- HeikeRitterI found this page here- maybe you can have a look?
https://kb.firedaemon.com/support/solutions/articles/4000121705-openssl-3-0-and-1-1-1-binary-distributions-for-microsoft-windowsHeikeRitter, thanks for replying to me. It looks to me as if Openssl is not "standalone" in my case but could be used in some existing software which is installed on my computer. Is there a way to locate the use of Openssl instead of just installing it separately? I think the installation as explained in that article will not solve the issue if another software uses an old version of it.
- Hello,
did anyone manage to solve this problem? My openssl seems to be associated with MS Office. I can not update it separately 😞 to me it's only showing for 1 computer and not all 17 we have, although they have the same config. so 16 seem to be ok.
