OpenSSL DLLs (3.4.2.0) triggering Defender alerts for CVE-2025-9230, 9231, 9232

I am reporting that Microsoft Defender for Endpoint is currently flagging the bundled OpenSSL libraries in the Zoom binary folder as critical vulnerabilities.

The specific files affected are:

  • C:\Program Files\zoom\bin\libcrypto-3-zm.dll (Version 3.4.2.0)

  • C:\Program Files\zoom\bin\libssl-3-zm.dll (Version 3.4.2.0)

Associated CVEs

According to the security portal, these files are being flagged for the following vulnerabilities:

  • CVE-2025-9230

  • CVE-2025-9231

  • CVE-2025-9232

Is the Zoom engineering team aware that these specific CVEs are triggering alerts for version 3.4.2.0? We need to know if there is an upcoming action or patch to address these vulnerability flags, as they are impacting our enterprise security compliance.

I can confirm that we are facing the same issue and impact to compliance.
The fixed version of OpenSSL, 3.4.3, was released September 30, 2025. Can we please get this updated?

I can also confirm this issue in Microsoft Defender, which is also affecting the compliance of my organisation. Can the Zoom devs kindly confirm that they are aware of this and will release a fix for it soon? Thanks!

Might as well move up to 3.4.4 to avoid CVE-2025-11187 (CVSSv3 6.1)

I can confirm this issue is also affecting our vulnerability/exposure score and has been doing so for many months now. I would love to see this issue addressed, for the vulnerability tied to it is 6.1 (CVE-2025-11187)

Hi @gianni.zoom @elisa.zoom can one of you please take ownership of this topic and ask your developers to fix it? It’s frustrating that this is a serious security vulnerability in your software, which numerous people have taken the time to report to you over the past several months, and so far there has been no response from Zoom staff.

Hi all, looking into this and will get back to you soon!

Hi @kadirsu76 @GermanKiwi @Bryn_1 @Wyatt @RickC, can you please upgrade to version 7.0 or higher where this should now be resolved?

In the future, please submit vulnerability issues here: Reporting a Security Vulnerability to Zoom | Zoom

You must be logged in in order to submit.

Hi Gianni, thanks for the notice - I’ve just updated to 7.0.2 and I can confirm that the libcrypto-3-zm.dll and libssl-3-zm.dll files have both been updated to version 3.4.4.0 (previously 3.4.2.0), which means they are no longer vulnerable. Much appreciated!

FWIW, I did send an email to security-reports@zoom.us (as instructed on your “Reporting a Security Vulnerability” page) on 21 March, describing this vulnerability, and so far I did not receive any reply from there.

I can confirm that version 7.0.34412 updated the openssl library files to 3.4.4
Thank you! I will use the vulnerability reporting in the future.

Hi @GermanKiwi ,

Ahh thank you for letting me know! I will follow up with the team to see how they are tracking these emails. It may have been that they did not respond because it was a weekend and version 7.0 was released March 24th.

Hi @gianni.zoom, unfortunately we now have a brand new vulnerability in OpenSSL 3.4.4.0 which is affecting the latest version of Zoom again, and causing Zoom to get flagged by Microsoft Defender. :sob:

This time it’s these new CVEs:

CVE-2026-28387
CVE-2026-28388
CVE-2026-28389
CVE-2026-28390
CVE-2026-31789
CVE-2026-31790

The solution is to update the OpenSSL files from version 3.4.4.0 to 3.4.5.0.

Could you kindly ask your dev team to action this? Thanks! :slight_smile:

Thank you @GermanKiwi , did you submit via the above pathway?

No, I haven’t. Should I?

Yes please @GermanKiwi ! This is the security team’s ask. Thank you!
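
Added example, not part of the thread and not Zoom's or Microsoft's own tooling: a PowerShell check that reads the file version of the two bundled OpenSSL DLLs named above and compares it with a minimum version, so the result of a client update can be confirmed on an endpoint. The function name and parameters are hypothetical; the default folder and the 3.4.5.0 threshold are the values quoted in the thread, and other install locations have to be passed in via `-BinPath`.

```powershell
# Added example: audit Zoom's bundled OpenSSL DLLs against a minimum file version.
function Test-ZoomOpenSslVersion {
    [CmdletBinding()]
    param(
        # Folder reported in the thread; pass additional install folders as needed.
        [string[]]$BinPath = @('C:\Program Files\zoom\bin'),

        # Minimum acceptable version; 3.4.5.0 is the version named in the thread.
        [version]$MinimumVersion = '3.4.5.0'
    )

    $dllNames = 'libcrypto-3-zm.dll', 'libssl-3-zm.dll'

    foreach ($dir in $BinPath) {
        foreach ($name in $dllNames) {
            $file = Join-Path -Path $dir -ChildPath $name

            # Report a missing file explicitly instead of silently skipping it.
            if (-not (Test-Path -LiteralPath $file -PathType Leaf)) {
                [pscustomobject]@{ Path = $file; FileVersion = $null; Status = 'NotFound' }
                continue
            }

            # Use the numeric version fields; the FileVersion string can carry extra text.
            $info  = (Get-Item -LiteralPath $file).VersionInfo
            $found = [version]::new($info.FileMajorPart, $info.FileMinorPart,
                                    $info.FileBuildPart, $info.FilePrivatePart)

            $status = if ($found -ge $MinimumVersion) { 'OK' } else { 'BelowMinimum' }
            [pscustomobject]@{ Path = $file; FileVersion = $found; Status = $status }
        }
    }
}

# One row per DLL: path, detected version, and OK / BelowMinimum / NotFound.
Test-ZoomOpenSslVersion | Format-Table -AutoSize
```

To re-check against a different release, pass it explicitly, for example `Test-ZoomOpenSslVersion -MinimumVersion 3.4.4.0`.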