This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 84%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJT%3C/text%3E%3C/svg%3E)
We have multiple devices showing up with OpenSSL vulnerabilities. It is detecting two dll files that it is flagging. Which they are libssl-3-x64.dll and libcrypto-3-x64.dll. It is flagging this for multiple different applications through out multiple devices. Some devices it's not the same application. Is defender showing a false negative of these vulnerabilities. If this are not false negatives then what is the process to update the dll files inside the applications?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 1%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESH%3C/text%3E%3C/svg%3E)
There is a similar issue with AutoDesk DWG Trueview (ADODIS).
c:\program files\autodesk\adodis\v1\setup\cer\libcrypto-3-x64.dll (v3.0.13) generates a notification within the Defender Portal.
I have upgraded to Trueview 2025, and this has updated the above dll to v3.0.14. I don't know if this will resolve the OpenSSL warning in Defender though.
I have been researching this again today (having had this issue for months) and found the following: OpenSSL are aware of the issues that are raised in CVE-2024-2511 but consider it low severity and won't be addressing it anytime soon:
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 99%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESH%3C/text%3E%3C/svg%3E)
This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS
clients.
The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL
1.0.2 is also not affected by this issue.
OpenSSL 3.2, 3.1, 3.0, 1.1.1 are vulnerable to this issue.
OpenSSL 3.2 users should upgrade to OpenSSL 3.2.2 once it is released.
OpenSSL 3.1 users should upgrade to OpenSSL 3.1.6 once it is released.
OpenSSL 3.0 users should upgrade to OpenSSL 3.0.14 once it is released.
OpenSSL 1.1.1 users should upgrade to OpenSSL 1.1.1y once it is released
(premium support customers only).
Due to the low severity of this issue we are not issuing new releases of
OpenSSL at this time. The fix will be included in the next releases when they
become available. The fix is also available in commit e9d7083e (for 3.2),
commit 7e4d731b (for 3.1) and commit b52867a9 (for 3.0) in the OpenSSL git
repository. It is available to premium support customers in commit
5f8d2577 (for 1.1.1).
Source: https://openssl-library.org/news/secadv/20240408.txt
This was dated 8 April 2024.
It doesn't matter what Zoom or PowerBI or anyone do, CVE-2024-2511 will be around until OpenSSL address the weaknesses in those specific libraries.
If you have Zoom, update to version 6.1.0 or above to address OpenSSL flaws except CVE-2024-2511 and CVE-2024-4603, which doesn't affect clients:
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 54%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERB%3C/text%3E%3C/svg%3E)
I Got the same Issue. Strange thing it is on Onedrive I'm Not sure what the lastest version of ondrive is, becourse the version list on the Microsoft site is not up to date. But the Warning is on all version of onedrive. Here are some Exampels.
c:\program files\microsoft onedrive\24.101.0519.0010\libcrypto-3-x64.dll
c:\program files\microsoft onedrive\24.108.0528.0005\libcrypto-3-x64.dll
c:\program files\microsoft onedrive\24.101.0519.0010\libssl-3-x64.dll
c:\program files\microsoft onedrive\24.108.0528.0005\libssl-3-x64.dll
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 0%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENM%3C/text%3E%3C/svg%3E)
Any recommendations on how we patch this Openssl vulnerability "c:\program files\windowsapps\microsoft.windows.photos_2024.11070.31001.0_x64__8wekyb3d8bbwe\libcrypto-3-x64.dll" One DLL in particular that has been picked up on every file is "libcrypto-3-x64.dll" and "libssl-3.dll". This goes for Windows apps, Zoom, Lenovo drivers. visual studio.
Does this also mean stop using Zoom alltogether or have they fixed the issue?
appdata\roaming\zoom\bin\libcrypto-3-zm.dll
c:\program files\windowsapps\microsoft.windows.photos_2024.11070.31001.0_x64__8wekyb3d8bbwe\libcrypto-3-x64.dll
c:\windows\system32\driverstore\filerepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\libcrypto-3-x64.dll
c:\program files\lenovo\lenovo smart appearance components\components\smartappearanceaiservice\libcrypto-3-x64.dll
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 15%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJS%3C/text%3E%3C/svg%3E)
Hi Everyone,
As per my testing and research, I think this will be an ongoing vulnerability recommendation.
For example, Zoom addressed the vulnerability with OpenSSL 3.1.4 back in Jan 2024, screen capture below https://support.zoom.com/hc/en/article?id=zm_kb&sysparm_article=KB0068823
But, Microsoft reported the CVE-2024-2511 which says that multiple versions of OpenSSL still are impacted:
After some testing, I uninstalled Zoom and found that the vulnerability was gone, but Defender detected it again as Zoom as I reinstalled the latest version.
I did find the OpenSSL Recommendation helpful because there were apps and left over files that users in my organization where not using and were increasing the impact of this vulnerability, removing those specifics apps and files make the list shorter.
Hope my findings help you all.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 9%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
We're experiencing the same issue on our domain. Lots of these are in driver folders, updated in the last six months.