"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
This article provides the recommended steps for OpenSSL Security Advisory [05 Jun 2014].
Applies to the following Sophos product(s) and version(s) Sophos UTM 8.3, Sophos UTM 9.1, Sophos UTM 9.2
The following Sophos UTM products and versions require a patch:
To patch these affected versions please download the corresponding version via the following links:
Update from 9.202 to 9.203
ftp: ftp://ftp.astaro.de/UTM/v9/up2date/u2d-sys-9.202028-203003.tgz.gpg Md5sum: 003dd2c89a9281f2b34d7c92892fc563 size ~60 mb
Update from 9.112X to 9.113
ftp: ftp://ftp.astaro.de/UTM/v9/up2date/u2d-sys-9.112012-113001.tgz.gpg Md5sum: ca92863b248868df05405b0ec065660c size ~12 mb
In case you have currently installed version 9.111X you first of all have to update to 9.112 with the following up2date package:
ftp:ftp://ftp.astaro.de/UTM/v9/up2date/u2d-sys-9.111007-112012.tgz.gpg md5sum: f3683cc6587ea806dc5f35783a99d9a4 size ~88 mb
Up2date link: ftp://ftp.astaro.de/ASG/v8/up2date/u2d-sys-8.312.tgz.gpg MD5SUM: 5cf6e90f9e1157779888225610863d77 File size: ~4MB
Now you can install the package via the WebAdmin. Therefore proceed as follows:
Once you have updated your UTM you are no longer vulnerable. But in case you are using the Sophos SSL VPN client to also establish a VPN tunnel to an unpatched product/gateway(which is probably exploitable) it is recommended to also update the client.
To do so proceed as follows once you have updated the UTM:
Blog article: http://blogs.sophos.com/2014/06/06/openssl-man-in-the-middle-vulnerability-network-gateway-product-patch-information/
Blog article: http://blogs.sophos.com/2014/06/10/openssl-man-in-the-middle-vulnerability-sophos-product-status-2/
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.