Forum Discussion
Update OpenSSL recommendation
c:\packages\plugins\microsoft.azure.security.monitoring.azuresecuritywindowsagent\1.8.0.76\libcrypto-1_1-x64.dll
c:\packages\plugins\microsoft.azure.security.monitoring.azuresecuritywindowsagent\1.8.0.76\libssl-1_1-x64.dll
c:\packages\plugins\microsoft.guestconfiguration.configurationforwindows\1.29.44.0\dsc\gc\libcrypto-1_1-x64.dll
c:\packages\plugins\microsoft.guestconfiguration.configurationforwindows\1.29.44.0\dsc\gc\libssl-1_1-x64.dll
Will manual upgrading of openssl to newer version help with those references? Or do I somehow update them?
Hi sumo83,
unfortunately, I’m not sure if manual upgrading of OpenSSL to a newer version will help with the references you mentioned.
You should use this article as an official guide:
New OpenSSL v3 vulnerability: prepare with Microsoft Defender for Cloud - Microsoft Community Hub
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.
If the post was useful in other ways, please consider giving it Like.
Kindest regards,
Leon Pavesic
(LinkedIn)
- tophnealNov 16, 2023Copper ContributorThe linked blog post (https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/new-openssl-v3-vulnerability-prepare-with-microsoft-defender-for/ba-p/3666487) being suggested to follow for remediation of this issue does not seem to apply anymore. MS has rearranged and renamed so many areas of Azure/Entra/Defender that I can't even find "Attack Paths," rendering this guide useless.
Has anyone found any other solutions to this?- AllisonHutchenceNov 22, 2023Copper Contributor
tophneal I am struggling with the same. I found several articles - and using the following powershell command (make sure to run powershell as an admin) - I was able to narrow in on where I have OpenSSL on our machines.
Get-childItem libssl* -Recurse -ErrorAction SilentlyContinue | select versioninfo -ExpandProperty versioninfo | sort ProductVersion,Filename | ft -auto
The culprits for us are:
Webex
Zoom
PowerBI Desktop
Salesforce ODBC drivers installed by default in Office
OneDrive
And 2 locations within c:\windows\system32\driverstore\filerepository which seem to be linked to the Intel Trusted Connect Service Client
I uninstalled Webex, Zoom, and PowerBI Desktop. I deleted the Salesforce ODBC drivers. OneDrive appears to updated itself overnight even though I have the same version this morning as I did last night - that is no longer showing up in my list. I am left with the two locations for the Intel Trusted Connect Service Client and I am still looking for how I can update that. I found this article - Surface Go update history - Microsoft Support - which seems to indicate the Nov 2022 update took care of updating the Intel Trusted Connect service client. I don't have a surface go - but I did just go through the steps in the article and it did find an update for the chipset. I'm going to reboot and see if that did anything - as of now - nothing changed.
- sumo83Nov 22, 2023Iron Contributorcool... great info... Will have a look at this... Thanks a lot for sharing this