Multiple Vulnerabilities in Apache & OpenSSL

What was the Problem?

Multiple vulnerabilities in Apache Version older than 2.4.29 and OpenSSL version older than 1.0.2n were causing security threats.

How do I fix it?

This fix is applicable for Patch Manager Plus build numbers 10.0.120 and above. Follow the below steps to update to the latest Apache version.

  1. Open Windows Services and stop your "ManageEngine Patch Manager Plus server" service.
  2. Download this zip file and extract it.
  3. Copy the extracted folders (bin, LatestApache and lib) and paste it in your Patch Manager Plus installation folder. (ManageEngine/PatchManagerPlus_Server folder).
  4. Using command prompt in administrator mode, navigate to Patch Manager Plus bin folder and execute upgradeWebServer.bat. This will upgrade your Apache and OpenSSL to the latest version.

Keywords: Vulnerabilities, Security Updates, Vulnerabilities and Fixes, OpenSSL, OpenSSL 1.0.2n