This week we began rollout of version 4.3.3 of the Sophos Web Appliance software. We will be making it available gradually to customers over the next 2-3 weeks.
This version supports SMBv2 and eliminates the dependency on SMBv1 that was highlighted as an issue after the WannaCry ransomware outbreak in May. Although Microsoft provided patches for the specific SMBv1 vulnerability that was exploited by Wanna, it was widely agreed that SMBv1 should be considered untrustworthy.
We have not removed SMBv1 support in this release, but if SMBv2 is available it will be preferred. This means that customers who are still using SMBv1 should not experience any problems with the new version. The Sophos Web Appliance does not act as an SMB server, so it is not vulnerable should other devices try to connect to it using SMBv1.
If connectivity of your Active Directory systems with Sophos Web Appliance was the only reason you had enabled SMBv1 on your Windows servers, this update will allow you to disable that support.
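One way to confirm that nothing still depends on SMBv1 before disabling it on a Windows server, shown as an added example that is not part of the original announcement or Sophos tooling. It assumes an elevated PowerShell session on a server that provides the SmbShare cmdlets, and `$ApplianceAddress` is a placeholder for your appliance's address.

```powershell
# Placeholder (assumption): address of the Sophos Web Appliance as seen by this server.
$ApplianceAddress = '192.0.2.10'

# 1. Current server-side SMB settings.
$cfg = Get-SmbServerConfiguration
$cfg | Select-Object EnableSMB1Protocol, EnableSMB2Protocol, AuditSmb1Access

# 2. Dialect negotiated by the appliance's open sessions.
#    After the 4.3.3 update this should read 2.x rather than 1.x.
Get-SmbSession |
    Where-Object { $_.ClientComputerName -like "*$ApplianceAddress*" } |
    Select-Object ClientComputerName, ClientUserName, Dialect

# 3. If SMBv1 auditing is not on yet, enable it and stop here; the audit log
#    needs a representative period before it says anything useful.
if (-not $cfg.AuditSmb1Access) {
    Set-SmbServerConfiguration -AuditSmb1Access $true -Force
    Write-Output 'SMBv1 auditing enabled. Re-run after a representative period.'
    return
}

# 4. Event ID 3000 in the SMBServer audit log records each client that
#    connected with SMBv1 while auditing was enabled.
$smb1Events = Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-SMBServer/Audit'
    Id      = 3000
} -ErrorAction SilentlyContinue

if ($smb1Events) {
    # Something still speaks SMBv1: review the clients before changing anything.
    $smb1Events | Select-Object TimeCreated, Message | Format-List
    Write-Output 'SMBv1 clients found; SMBv1 left enabled.'
}
else {
    # 5. No SMBv1 access recorded: disable the SMBv1 server protocol.
    Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    Write-Output 'No SMBv1 access recorded; SMBv1 disabled.'
}
```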
Other than support for SMBv2, this version also includes a number of bug fixes and an update to the underlying operating system to ensure your Web Appliance is no longer susceptible to the StackClash vulnerability.
See the Release Notes for more detail.