
App update "man-in-the-middle security bypass" issue

Do I have a virus?

When updating apps today, the IBM security software reported the following:

10/01/2015, 13:09:05 GMT: submitted by atl-prd-webapp-02b-SOC_Console


Ticket updated via SOC Console by user: ogarasym

| Src Ip | Src Port | Event Name | Action | Severity | Dst Ip | Dst Port | Count | Timestamp |
|---|---|---|---|---|---|---|---|---|
| 208.87.181.43 | 49566 | OpenSSL TLS Man-In-The-Middle Security Bypass | MONITOR | High | 17.249.105.246 | 443 | 1 | 10/01/2015 12:52:37 |


Src. Attributes Dst. Attributes

208.87.181.43: Internal



Attack ID: CPAI-2014-1616

Last Update: 19-April-2015

Industry References: CVE-2014-0224

Source: IPS Research Team


Supported Products: Security Gateway: R77, R76, R75, R71, R70


Threat Description:

A security bypass via ChangeCipherSpec (CCS) Injection vulnerability has been reported in older versions of OpenSSL. The vulnerability is due to a weakness in OpenSSL methods used for keying material. The vulnerability can be exploited through the use of a man in the middle attack, where an attacker may be able to decrypt and modify traffic in transit. A remote unauthenticated attacker could exploit this vulnerability by using a specially crafted handshake to force the use of weak keying material.


IPS Protection:

This protection will detect and block attempts to exploit this vulnerability.


Attack Detection:

Attack Name: SSL Enforcement Violation


Attack Information: OpenSSL TLS Man-In-The-Middle Security Bypass


Vulnerable Systems:

iPad 2, iOS 9.0.2

Posted on Oct 1, 2015 10:38 AM

2 replies

Oct 1, 2015 5:00 PM in response to Another alias

An Internet search revealed this surfaced in June of 2014. I'd assume it was fixed in iOS by now. I would not expect to see this in iOS 9.


Fixed in Mac OS X.

See OpenSSL

About the security content of OS X Mavericks v10.9.5 and Security Update 2014-004 - Apple Support


Note date of this blog entry. Do not know if you can detect version of SSL on 'net.

https://0xicf.wordpress.com/2014/06/11/how-i-discovered-ccs-injection-vulnerability-cve-2014-0224/

It could be a report that the server didn't get the patch. Figure out what server is involved. See if you can recreate problem with different devices.
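CVE-2014-0224, the issue named in the alert quoted in the first post, involves a ChangeCipherSpec record being accepted before the key exchange has completed. The following Python example is added here and is not from the thread or from the IPS vendor; it shows that ordering check on a constructed capture. It assumes TLS 1.2 or earlier, a full (non-resumed) handshake, unfragmented handshake messages, and records from both directions concatenated in capture order; all function and sample names are made up for illustration.

```python
import struct

CCS, HANDSHAKE = 20, 22       # TLS record content types
CLIENT_KEY_EXCHANGE = 16      # handshake message type

def records(stream):
    """Yield (content_type, payload) for each complete TLS record."""
    pos = 0
    while pos + 5 <= len(stream):
        ctype, _ver, length = struct.unpack_from("!BHH", stream, pos)
        payload = stream[pos + 5:pos + 5 + length]
        if len(payload) < length:
            return                      # truncated capture: stop parsing
        yield ctype, payload
        pos += 5 + length

def handshake_types(payload):
    """Yield the type byte of each plaintext handshake message."""
    pos = 0
    while pos + 4 <= len(payload):
        yield payload[pos]
        pos += 4 + int.from_bytes(payload[pos + 1:pos + 4], "big")

def early_ccs(stream):
    """True if ChangeCipherSpec is seen before any ClientKeyExchange."""
    for ctype, payload in records(stream):
        if ctype == CCS:
            return True
        if ctype == HANDSHAKE and CLIENT_KEY_EXCHANGE in handshake_types(payload):
            return False
    return False

# --- constructed sample data (not a real capture) ---
def rec(ctype, payload):
    return struct.pack("!BHH", ctype, 0x0303, len(payload)) + payload

def hs(msg_type, body=b"\x00" * 4):
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body

HELLOS = rec(22, hs(1)) + rec(22, hs(2))     # ClientHello, ServerHello
SERVER_REST = rec(22, hs(11) + hs(14))       # Certificate, ServerHelloDone
KEY_EXCHANGE = rec(22, hs(16))               # ClientKeyExchange
CCS_RECORD = rec(20, b"\x01")

IN_ORDER = HELLOS + SERVER_REST + KEY_EXCHANGE + CCS_RECORD
OUT_OF_ORDER = HELLOS + CCS_RECORD + SERVER_REST + KEY_EXCHANGE

if __name__ == "__main__":
    for name, capture in (("in order", IN_ORDER), ("out of order", OUT_OF_ORDER)):
        print(name, "->", "ALERT" if early_ccs(capture) else "ok")
```

A resumed session legitimately skips ClientKeyExchange, so a production check would also need to track session IDs or tickets before alerting.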
