Surprised there is no 'banner' announcement of this in the community forum (I learnt about it from a third party security mailing list). I've said it before but I will say it again, I think it is a major failing of Sophos not to have a security alert mailing list.
Details here - https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce
How to check if your XG has been patched - https://support.sophos.com/support/s/article/KB-000044539?language=en_US
A useful update on all this. I was contacted by Yashraj S and asked to check my SMS alerts subscription. I found that I wasn't subscribed to 'Sophos Firewall' alerts. The alerting system has changed a lot since I signed up and it is possible it wasn't even an option when I originally subscribed, confirmed by the fact that I was subscribed to Sophos UTM alerts and we haven't used that product in years. Even better, I also found that you can now also get the alerts by email, which is much more useful for me and exactly what I was asking for in this post. No idea when this was introduced but it seems from the replies in this post that nobody seems to be aware of it. Probably time to stop calling it the SMS alerting service and just call it the 'Alerting Service'!
So a big thanks to Yashraj S for looking into this for me and, obviously, I would suggest others check their subscriptions and sign up for emails if they would also be useful. The direct link is https://centralstatus.sophos.com/subscription
With regards to being emailed as a Partner, I have never received any Partner emails. I have taken this up with my account manager several times but they haven't been helpful in resolving the issue. It seems to me that when we became Partners, we were never added to the Partner emailing list. As he has been so helpful and seems to have his finger on the pulse, I have asked Yashraj Sif there is anything he can do to resolve this or put me in touch with the team responsible for Partner mailings.
I still think there should have been a banner alert in the community forums about this.
Hi Jason, Thank you for posting the update on the thread. I've PM'd you more details about your partner mailing list issue.
may be just by chance but we notice a lot more users need to refresh their VPN config already stored in connect client.
as our userportal is usually closed, they call us so we make user portal accessible on WAN zone.
we deploy connect client with the .pro file and they have been connected before - config already on the machine.
it's for sure not all users but I would say 200% more calls than the weeks before the hotfix was installed
Even on the latest version of Sophos Connect. I noticed this happening with 2.1. Don't think I've seen it on 2.2.75.