Can you please suggest here,
1.How to check the existing running version in XG firewall?(Steps)
2.What is the downtime required if this is the older one ?
3. What is the impact of up gradation in existing policies or client affect?
Information on how to check if you have hotfix 2 (for v17.5.8) is here: https://community.sophos.com/kb/en-us/134852#related%20information
What I'm not seeing is if this affects ALL firmware versions or just 17.5.8.
Is there a way to force a hotfix update?
Also please note, on some HA pairs, if going from a much older version to v17.5.9, there's a possibility that one of the firewall's will lock up during the update potentially taking your network down and forcing a manual reboot. I've had this happen on SEVERAL firewalls.
Come on XG team, you've announced an RCE vulnerability, but have give your customers very little to go on. Reading between the lines as Clark did, it appears that Hot Fix version 2 is what is needed on MR8? I've started spot checking some MR8 XGs we have out there, and they are on Hot Fix v1, even though auto-install of hotfixes is enabled. Can this be forced? Are the updates trickling out? Is there a workaround that can be done by disabling/ACLing certain services?
I just got off with Sophos support, it affects ALL versions of Sophos XG firmware except 17.5.9 MR9. There is no way to force a hotfix update, it's likely a rolling patch/push.
No info on what the vulnerability is, Support seems caught as unaware as we are and recommended upgrading production firewalls to v17.5.9 to mitigate the issue (in the middle of the day?!?!?).
I've checked all our firewalls and they are all reporting that Hot Fix 1 is installed, still no sign of hotfix 2. Rather than wait I thought I would upgrade to 17.5.9, however when I run a check for new firmware on the Sophos device itself I get the message that "No upgrades available" . It's currently running 17.5.8
Is anyone else having the same issue ?
New firmware isn't typically released for the XG to update to via the GUI. You can download from the MySophos portal.