Patch CVE-2014-3566 for Kaspersky Security Center 10 (version 10.1.249) release notes

 

Kaspersky Security Center 10

 
 
 

Patch CVE-2014-3566 for Kaspersky Security Center 10 (version 10.1.249) release notes

Back to "Version Info"
2018 Dec 27 ID: 11591
 
 
 
 

To fix the vulnerability CVE-2014-3566 in the OpenSSL library that is used in Kaspersky Security Center 10Kaspersky Lab has released a patch for Administration Console, iOS MDM, Network Agent, and Administration Server. The patch contains the following files: 

Installation

  • To install the patch in the silcent mode (for example, for distributing via Kaspersky Security Center), run the patch with the parameter –s.
  • For local installation, run the patch from any local folder. 

Please note. The patch cannot be run from the root folder or from the application installation folder.

After the patch CVE-2014-3566 has been installed, the version of kllibeay.dll and klssleay.dll will change into 10.0.0.5 in the installation folder of the respective component.

Information about the patch will be displayed in Kaspersky Lab software version report

Please note. When patch CVE-2014-3566 is installed along with patch C for Kaspersky Security Center version 10.1.249, patch C must be installed in the first place.

Important: vulnerability scans of the nodes managed by Kaspersky Security Center 10 using third-party resources will not provide correct results. Online scanners detect the vulnerability based on the version of the supported SSL protocol (SSL V3). Kaspersky Security Center 10 allows using SSL V3, however it supports the TLS_FALLBACK_SCSV mechanism. After the installation of the patch, all Network Agents will connect to the gateway using the TLS protocol version 1.2, which makes the attack impossible.

 
 
 
 
Was this information helpful?
Yes No
Thank you
 

 
 

How can we improve this article?

Your feedback will be used for content improvement purposes only. If you need assistance, please contact technical support.

Submit Submit

Thank you for your feedback!

Your suggestions will help improve this article.

OK