These vulnerabilities apply only to Apache HTTP Server versions 2.4.49 and 2.4.50. You should upgrade impacted systems to the latest version, 2.4.51, immediately.
Are Trellix products impacted by this vulnerability?
We review all products within our portfolio to evaluate potential impact and risk to customers. This step is done carefully to make sure that further actions, if needed, can be prioritized appropriately within respective product teams.
NOTE: ePolicy Orchestrator (ePO) isn’t affected by CVE-2021-41773 or CVE-2021-42013 because it doesn’t use either of the affected versions. For information regarding Apache versions that ePO consumes, see:
KB61057 - Versions of Apache, Tomcat, and Java used by ePolicy Orchestrator.
This article will be updated accordingly as more information is available.
How can Trellix product solutions help?
It’s always advised, and a best practice, to make sure that software and operating systems are kept up to date with available updates and security updates as they’re released. We also recommend evaluating and implementing general countermeasures against entry-level threats where suited in your environment; for more information, see:
KB91836 - Countermeasures for entry vector threats.
We're evaluating product coverage across our portfolio of security solutions for identification, detection, and prevention against this vulnerability. This article will be updated accordingly as possible coverage opportunities and countermeasures are identified.