This discussion has been locked.

EXIM Vuln. - any news?

Hi,

Can anyone at Sophos comment on the EXIM vulns, for instance as described here? https://www.heise.de/news/Jetzt-patchen-Kritische-Root-Luecken-bedrohen-Exim-Mail-Server-6036724.html

Thanks

Joerg



  • JFYI: The Advisory was updated with the latest information.


  • The mentioned protection IPS rules are only available on XG 550 or higher models. I would appreciate it if they were also released for models at least +210 or higher.

    Thanks

  • Can't we have just patched exim-related files and instructions in the meantime? I understand UTM has no hotfix option out of the box. But such a critical flaw can't wait for a week.

    We just recovered from the Hafnium nightmare and this is the next critical issue where we can just sit and wait to be exploited.

  • Will there be a hot fix for those of us on 9.706-8 on the 14th too?

  • I also agree that this should be addressed faster. For SG there is no workaround in the meantime. We can't just replace all SPAM Filters with e.g. Sophos Cloud. There needs to be a small fix just for exim; what is taking so long?

    Or handle the Exploits with IPS. Just waiting is not an option.

    Sophos seems to miss so many things in the past years..

  • We are working as fast as we can (almost 24 hours a day) to get the exim patches out to UTM customers. Unfortunately after integrating the exim patches, we need to do quite a bit of testing (both on email & up2date) to ensure the patches don't introduce any new issues, which is what's taking time. 

    We are still aiming to release updates to both UTM 9.705 & 9.706 this week. 

  • Hi bobbylam, I appreciate your response here. But why is there a workaround for XG and not SG? I think maybe Sophos has the wrong priorities, not just XG over SG, but developing a patch for days (weeks?) when there is no workaround like for the XG (IPS, manual fix, stopping the Exploit with disabling other Bugs first, …)

    I know I do not know much about patching and developing firewalls, but for firewalls security is essential and cannot wait days (again, maybe weeks? We will see)…

  • SG & XG do have different architectures so workarounds applicable to one are not always applicable to another. We are not prioritizing XG over SG on this issue, but each product does require a different amount of work & testing to get these patches released.

    As I said we're working as quickly as we can to get these patches out for UTM safely to ensure customers do not have to wait for weeks. 

  • Hi all, 

    We just released a new 9.705-7 update on our download server which addresses these exim vulnerabilities. 

  • Hi bobbylam, thank you. Is there any plan for Firewalls which are already on Version 9.706?