A fatal vulnerability has been found in open source encryption communication technology “OpenSSL.” Major cybersecurity companies are warning of a possible global security crisis.

According to GDNet in the U.S., the OpenSSL project team announced a statement on its official website that it will release a security revision version of “OpenSSL 3.0.7,” saying it has found the most serious security problem.

OpenSSL 3.0.7 will be released on November 1 (local time). As this security vulnerability is fatal, the OpenSSL project team and security companies recommend that related companies update the version with the disclosure.

(Image = Pixabay)
OpenSSL is an open source software that implements ‘TLS’ encryption communication technology. Almost all Linux servers and related open-source systems are using it to implement encrypted communication functions, and government agencies, including general companies, are using it to build security systems.

This is why this vulnerability can be a global security threat. Although the contents of the vulnerability have not yet been disclosed, it is expected that it could potentially be abused by penetrating the server remotely, damaging the program, or stealing personal information.

First new job ‘executor’
A high-risk vulnerability found in OpenSSL is a heart bleed that occurred in 2014. It is a vulnerability that invalidates encrypted communication using a memory leak bug.

Leave a Reply