Description
Microsoft is aware of a publicly disclosed remote denial of service vulnerability for OpenSSL version 1.1.1d and newer. Previous versions prior to 1.1.1d are unaffected.
The vulnerability is fixed in version 1.1.1g. For more information, please see the OpenSSL security advisory.
Microsoft has confirmed Windows is not affected by this vulnerability. We are currently investigating the wider impact and are applying mitigations to services as needed.
If you are running a Linux VM or have installed any products that use OpenSSL on Azure, please review the version on your system. We recommend that you check the security blog for the distro you are using.
Original advisories
Related products
CVE list
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com