Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Critical Patch 1225 for Heartbleed Bug (CVE-2014-0160) in InterScan Messaging Security Suite (IMSS) 7.5 Windows

    • Updated:
    • 6 May 2014
    • Product/Version:
    • InterScan Messaging Security Suite 7.5 Windows
    • Platform:
    • Windows 2003 Server R2
    • Windows 2008 Server R2
    • Windows 2012 Server Essentials
Summary
IMSS 7.5 Windows is affected by the OpenSSL 1.0.1 Vulnerability or Heartbleed Bug. Download the critical patch that resolves this issue.
Details
Public
What is Heartbleed?
The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. OpenSSL is an implementation of the SSL/TLS encryption protocol used to protect the privacy of Internet communications. OpenSSL is used by many web sites and other applications such as email, instant messaging, and VPNs.
Heartbleed can allow an attacker to read the memory of the systems using certain versions of OpenSSL, potentially allowing them to access user names, passwords, or even the secret security keys of the server. Obtaining these keys can allow malicious users to observe all communications on that system, allowing further exploitation.
Who is impacted by Heartbleed?
Given that this vulnerability has existed for at least two years, an organization that has deployed servers running OpenSSL versions 1.0.1 through 1.0.1f in that period is likely vulnerable to the Heartbleed Bug and should take immediate steps to remediate.
While there are some initial reports of attacks based on the Heartbleed vulnerability, these are preliminary reports and it should be noted that it is very difficult to determine if this attack has occurred in the past. Accordingly, even if an organization is not currently vulnerable, it may have been in the past and it should therefore take immediate steps to remediate if they have deployed the vulnerable OpenSSL versions.
Which products may be affected?
Trend Micro has identified that the InterScan Messaging Security Suite (IMSS) 7.5 Windows Web UI is affected by this issue (OpenSSL 1.01e).
You may also check the list of other Trend Micro products that may be affected here.
Please visit this site regularly since the list is continuously updated with information and solutions as they become available.
Recommended action for IMSS 7.5 Windows
Trend Micro has released Critical Patch 1225 to resolve the issue in IMSS 7.5 Windows.
If you have issues or questions in obtaining the solutions, contact your authorized Trend Micro support representative for further assistance.
Premium
Internal
Rating:
Category:
SPEC
Solution Id:
1103187
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.