OpenSSL man-in-the-middle vulnerability – Network Gateway product patch information

On June 5th, 2014 a vulnerability (CVE-2014-0224) was found in OpenSSL that impacts our network security products. Fortunately, as of the publication of this article, there are no known in-the-wild attacks. Of course, as you’ve come to expect from Sophos, we’ve wasted no time in getting to work on patches to fix this vulnerability.

The vulnerability exists in OpenSSL and can allow an attacker using a man-in-the-middle attack to decrypt and modify traffic between a vulnerable client and server. Both client and server must be vulnerable for this exploit to work. OpenSSL versions 1.0.1 and 1.0.2-beta are affected.

Continue reading

Sophos UTM Manager 4.2  – Sign up for the final beta, available now

SUM-4-2We’re pleased to announce the final beta of SUM 4.2, which is compatible with our latest UTM release — UTM Accelerated (9.2).

Sophos UTM Manager (SUM) is our free centralized management solution for managing multiple UTMs. SUM allows you to monitor, access, back up and configure all your UTMs, conveniently from a single pane of glass.

Here’s what’s new.

Continue reading

Sophos UTM Manager Up2Date 4.104 Released

We have released a new Up2Date for our free UTM central management tool – Sophos UTM Manager. Release 4.104 is a bug fix release designed to increase the stability of your SUM 4.1 installation, and should be applied at your convenience. If you manage multiple UTM installations and are not yet using SUM, you can download easily here. Read on for the techy details!

Continue reading