Headline
Awareness and guidance related to OpenSSL 3.0 - 3.0.6 risk (CVE-2022-3786 and CVE-2202-3602)
Summary Summary Microsoft is aware and actively addressing the impact associated with the recent OpenSSL vulnerabilities announced on October 25th 2022, fixed in version 3.0.7. As part of our standard processes, we are rolling out fixes for impacted services. Any customer action that is required will be highlighted in this blog and our associated Security Update Guides (CVE-2022-3786 Security Update Guide and CVE-2022-3602 Security Update Guide).