Sophos products and the GHOST vulnerability affecting Linux

nsgIn the last couple of days, a widespread Linux vulnerability known as GHOST has been receiving a lot of attention in the security community. In theory, this vulnerability can allow an attacker to remotely execute code on a Linux computer. There is already proof of concept code that puts this theory into practice, and it is expected that real world attacks are just around the corner.

The Sophos product teams have been thoroughly investigating to determine which of our products are affected and what is necessary to address those that are.

Continue reading

OpenSSL man-in-the-middle vulnerability – Network Gateway product patch information

On June 5th, 2014 a vulnerability (CVE-2014-0224) was found in OpenSSL that impacts our network security products. Fortunately, as of the publication of this article, there are no known in-the-wild attacks. Of course, as you’ve come to expect from Sophos, we’ve wasted no time in getting to work on patches to fix this vulnerability.

The vulnerability exists in OpenSSL and can allow an attacker using a man-in-the-middle attack to decrypt and modify traffic between a vulnerable client and server. Both client and server must be vulnerable for this exploit to work. OpenSSL versions 1.0.1 and 1.0.2-beta are affected.

Continue reading

Sophos UTM Manager 4.2  – Sign up for the final beta, available now

SUM-4-2We’re pleased to announce the final beta of SUM 4.2, which is compatible with our latest UTM release — UTM Accelerated (9.2).

Sophos UTM Manager (SUM) is our free centralized management solution for managing multiple UTMs. SUM allows you to monitor, access, back up and configure all your UTMs, conveniently from a single pane of glass.

Here’s what’s new.

Continue reading

Sophos UTM Manager Up2Date 4.104 Released

We have released a new Up2Date for our free UTM central management tool – Sophos UTM Manager. Release 4.104 is a bug fix release designed to increase the stability of your SUM 4.1 installation, and should be applied at your convenience. If you manage multiple UTM installations and are not yet using SUM, you can download easily here. Read on for the techy details!

Continue reading