Advisory: Sophos Endpoint "Your connection isn't private" after reboot. Policy settings can be returned to normal. See: KB-000045954 for the latest updates.

Today we've released UTM 9.602. The release will be rolled out in phases.

In phase 1 you can download the update package from our FTP server, in phase 2 we will spread it via our Up2Date servers.

Up2Date Information


  • Maintenance Release


  • System will be rebooted
  • Configuration will be upgraded
  • Connected REDs will perform firmware upgrade

Issues Resolved

  • NUTM-10728 [Access & Identity] Race condition on configuration change of RED device
  • NUTM-9877 [Access & Identity] Configurable RADIUS timeout for L2TP over IPsec
  • NUTM-10190 [Basesystem] CVE-2018-15473: OpenSSH username enumeration
  • NUTM-10362 [Email] MIME type detection doesn't work as expected - header Content-Type always considered
  • NUTM-10480 [Email] Mail Based XSS in Sophos UTM 9
  • NUTM-10484 [Email] POP3 Proxy stops working sometimes
  • NUTM-10545 [Email] Update SPX placeholder description
  • NUTM-10521 [Logging] /tmp partition getting full when using livelog
  • NUTM-10291 [Network] DNS Host object not updated/unresolved
  • NUTM-10460 [Network] GeoIP dropping traffic from allowed region
  • NUTM-10537 [Network] Additional IP address on a bridge interface exist in back-end even after deleting it
  • NUTM-10536 [RED] Wifi traffic on the internal RED15w AP is always routed through the RED tunnel
  • NUTM-10594 [RED] RED50 disconnects randomly
  • NUTM-10595 [Sandstorm] Sandbox Activity Tab not accessible due to license error
  • NUTM-10852 [Sandstorm] Sandboxd complaining on missing column in database/sqlite
  • NUTM-10626 [WAF] Let's Encrypt certificate renewal fails because of failing terms of service check
  • NUTM-10644 [WAF] mod_session_cookie does not respect expiry time (CVE-2018-17199)
  • NUTM-10661 [WAF] SSL redirect broken for wildcard certificates
  • NUTM-10322 [Web] Proxy crash with coredump on UTM 9.508
  • NUTM-10633 [Web] New web templates for content warn does not work in 9.6
  • NUTM-10657 [Web] httpproxy uses up all CPUs in peak hours, resulting in slow browsing
  • NUTM-10668 [Web] Quota relevant web page are accessible when using AD SSO
  • NUTM-10758 [Web] Application Control - Skiplist not working for destination IP
  • NUTM-10546 [Wireless] Updating to 9.6 GA with REDw devices causes corrupt payload and AP becomes inactive