Microssoft Cloud Defender has started alerting us that there are OpenSSL issues and they are suggesting updating the Openssl version to the latest.

Here are the files that are being flag on all our Qliksense servers running version Qlik Sense February 2024 Patch 6 - 14.173.11

The files:

c:\program files\common files\qlik\custom data\qvodbcconnectorpackage\drill\lib\openssl64.dlla\libcrypto-3-x64.dll
c:\program files\common files\qlik\custom data\qvodbcconnectorpackage\drill\lib\openssl64.dlla\libssl-3-x64.dll

c:\programdata\package cache\af7aeebf-6f94-4a09-9113-21295ed47105\qvodbcconnectorpackage\oracle\lib\libcrypto-3-x64.dll
c:\programdata\package cache\af7aeebf-6f94-4a09-9113-21295ed47105\qvodbcconnectorpackage\oracle\lib\libssl-3-x64.dll
c:\programdata\package cache\af7aeebf-6f94-4a09-9113-21295ed47105\qvodbcconnectorpackage\spark\lib\libcurl64.dlla\openssl64.dlla\libcrypto-3-x64.dll

c:\programdata\package cache\af7aeebf-6f94-4a09-9113-21295ed47105\qvodbcconnectorpackage\spark\lib\libcurl64.dlla\openssl64.dlla\libssl-3-x64.dll
c:\programdata\package cache\af7aeebf-6f94-4a09-9113-21295ed47105\qvodbcconnectorpackage\spark\lib\openssl64.dlla\libcrypto-3-x64.dll
c:\programdata\package cache\af7aeebf-6f94-4a09-9113-21295ed47105\qvodbcconnectorpackage\spark\lib\openssl64.dlla\libssl-3-x64.dll

Remediation:
Update Openssl (from Openssl) to the latest version.

We are also  getting alerts to update the version of Python ... 

Is anyone having the same issue, and could you kindly share some insight on a resolution, the last thing we want is an attack on our servers as a result of this .. 

Thanks

Lass