Threat Advisory | Critical OpenSSL Patch Coming Today
July 9, 2015
Herjavec Group is currently monitoring the developments around an expected high severity vulnerability. It is believed the Open SSL project team will release a critical patch that could require a lengthy upgrade process.
We are in the process of patching all managed client devices as updates are released by impacted vendors.
This issue affects OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n and 1.0.1o.
OpenSSL 1.0.2b/1.0.2c users should upgrade to 1.0.2d
OpenSSL 1.0.1n/1.0.1o users should upgrade to 1.0.1p
We will advise customers as soon as a detailed description of the vulnerability is disclosed and share the appropriate updates with you.
Users and administrators are encouraged to review the OpenSSL Security Advisory and apply the necessary updates.