OpenSSL has released security updates to address multiple vulnerabilities in prior versions. (OpenSSL is an open-source implementation of the SSL and TLS security protocols.) Exploitation of these vulnerabilities could allow an attacker to obtain sensitive information.
Available updates include:
- OpenSSL 1.0.2g for 1.0.2 users
- OpenSSL 1.0.1s for 1.0.1 users
CSSD recommends that users and systems administrators review the OpenSSL Security Advisory and apply the necessary updates.
CSSD also recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. As a complement to Symantec Endpoint Protection, CSSD offers Malwarebytes Premium for individuals and departments at no cost. Students, faculty, and staff can download Malwarebytes and Symantec Endpoint Protection at no cost through the Software Download Service at My Pitt. Departments can submit a help request to obtain Malwarebytes for multiple machines.
Please contact the Technology Help Desk at 412-624-HELP  if you have any questions regarding this announcement.