Webinar: Role Based AI in One Click: Train, Deploy, and Use Across any Channel | December 17 at 11 AM EST.
Register Now

OpenSSL Updates Fix Critical Vulnerabilities

Updated on October 11, 2022, by Xcitium

OpenSSL Updates Fix Critical Vulnerabilities

OpenSSL, the popular open source implementation of the SSL protocol, has released updates patching nine issues that including several critical security vulnerabilities.

This includes issues that can be caused by a denial-of-service (DOS) attack. A DOS floods a server with messages to consume large amounts of memory or leak information.

Critical Issues Addressed

The patches address the following critical security vulnerabilities:

  • Preventing an attacker from being able to downgrade the security level of the connection, less secure than TLS 1.0.
  • Preventing an attacker from forcing an error condition which causes OpenSSL to crash while processing DTLS packets due to memory being freed twice.
  • Preventing a malicious server from using a resumed session when multithreaded client connects to send an ec point format extension and write up to 255 bytes to freed memory.

OpenSSL has come under close scrutiny since the revelation in April of the so called Heartbleed bug, which could be exploited to circumvent SSL to capture communications between a browser and a server in an un-encrypted format. OpenSSL is used by almost 20% of all web servers, yet the project is maintained by approximately 10 full time staff. They rely primarily on developer community contributions and donations. In response to the Heartbleed bug, numerous high profile corporations have stepped forward to provides support.

Updates Available

The following updates are available:
• OpenSSL 0.9.8 users should upgrade to 0.9.8zb
• OpenSSL 1.0.0 users should upgrade to 1.0.0n
• OpenSSL 1.0.1 users should upgrade to 1.0.1i

See our Unified Zero Trust (UZT) Platform in Action
Request a Demo

Protect Against Zero-Day Threats
from Endpoints to Cloud Workloads

Product of the Year 2025
Newsletter Signup

Please give us a star rating based on your experience.

1 Star2 Stars3 Stars4 Stars5 Stars (9 votes, average: 2.56 out of 5)
Expand Your Knowledge
Why PII Is a Top Concern in Data Security

What is PII and why is it the cornerstone of modern data protection strategies? In 2024 alone, over ...
what is a skybox
What is a Skybox? Complete Guide for IT and Security Leaders

In cybersecurity and IT infrastructure, visibility is everything. Without a clear view of your syste...
What Is ASI
What Is ASI? Understanding Artificial Superintelligence and Its Impact

Have you ever wondered, what is ASI and why tech leaders, security professionals, and futurists are ...
Business Security Services
MSSPs Offer The Best Business Security Services

The outsourcing of IT professionals has changed the definition of IoT-related service offerings. Now...
Network Information Security
A Look At Powerhouse Services Of Network Information Security

The protection of the data comes under the robust security of the overall network. Offering network ...
Endpoint Device Security Tools
New Xcitium Report Redefines Endpoint Protection

Xcitium, IT security firm provides new understanding and outlook on the current state of endpoint se...
How to Find IP Address in CMD
How to Find IP Address in CMD: A Complete Guide for Professionals and Beginners

Have you ever needed to troubleshoot a network issue, configure security settings, or check connecti...
How to Make Email Signature Outlook
How to Make Email Signature in Outlook: A Complete Guide for Professionals

Have you ever asked yourself, “How to make email signature in Outlook that looks professional and ...
Network Security Wiki
Network Security

Network security is an organization’s strategy that guarantees the security of its assets, includi...
What Is Quantum Computing
What Is Quantum Computing? Exploring the Future of Computing

In a world increasingly defined by data and digital transformation, the question “What is quantum ...
Endpoint Security Solutions For Business
Endpoint Security Solutions For Business

We live in an age where every other day is witnessing a security attack of one kind or the other. Al...
what is in an erp system
What Is in an ERP System? A Complete Guide for IT Leaders

Have you ever asked yourself what is in an ERP system and why businesses unanimously adopt them? For...

By clicking “Accept All" button, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. Cookie Disclosure

Manage Consent Preferences

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.