This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 73%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESR%3C/text%3E%3C/svg%3E)
Hello, I appreciate your support with the following:
As of the day of this post, our vulnerability detection tool has detected the curl 8.0.1 version as vulnerable on the network, which appears in Windows 2016-2019-2022 server operating systems in an integrated manner.
Currently, the updated version 8.4.0 is listed on the official curl page, but you couldn't find the appropriate method to update the curl component.
I would appreciate it if you could provide me with the correct method to update the component or if you have information about the OS patch/update that will fix this vulnerability.
It is important to indicate that the vulnerability was published since 09/2023/14. requesting at that time the update for version 8.3.0 and because an update has not been published until today, a new update of the component was released which is 8.4.0.
Thank you!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 57.00000000000001%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDJ%3C/text%3E%3C/svg%3E)
OK, I read the linked article below... nothing but passing the buck and blaming everyone else... NO SOLUTIONS or answers to the questions that people have. I personally don't care that the cURL Project has problems with hos the NVD determines severity or what they think about Nessus, I just want to know how fix the problem and I want to know who is responsible to provide the fix, that's all.
Now, can anyone help with that?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 83%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Only Windows updates can update inbox components, wait
https://www.reddit.com/r/sysadmin/comments/174ncwy/comment/k4e3q7h
p.s. cURL author take on the matter
https://daniel.haxx.se/blog/2023/04/24/deleting-system32curl-exe/