This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Open SSL Vunerability in Sophos Connect 2.2.90

The version of openssl included in the Sophos Connect client contains a number of High Severity openssl vulnerabilites (CVE-2023-0286, CVE-2022-4450 & CVE-2023-0464) and we need a fix ASAP.

When will a new version of Sophos Connect be published that includes the fixes?

At the very least, we need a workaround where we can update (C:\Program Files (x86)\Sophos\Connect\openssl.exe) to a patched version of openssl. Please advise how to patch this executable without impacting the operation of the Sophos Connect client.

Many thanks,

This thread was automatically locked due to age.