Recently Intel released information about a flaw in CPU’s provided in devices from present back to 1995. If you have one of our Sophos products, we want to make you aware of the memory isolation issues affecting Intel, AMD, and ARM processors and what actions you can take now. The flaw enables attack code to read anything in memory, which could lead to data or credential theft. The vulnerability is known by names such as Meltdown, Spectre, KPTI, KAISER and F**CKWIT. Patches were released by Microsoft, Linux, and other platforms on Jan 3, 2018. Because exploitation requires the execution of some form of attack code, Sophos products, which do not allow for any form of unauthorized code execution, are not at a high risk of attack.

It is crucial to stay ahead of today’s security threats, and to do so, your Sophos products should have its firmware updated. If you currently have managed services with Management Concepts, we’ll schedule this to happen automatically, and we’ll take care of it. If you are not currently a managed services customer, we can still help you; you can schedule us to help, or you can perform the updates yourselves.

To perform these updates yourself, open your Sophos console:
1) Navigate to “Backups and Firmware”
2) Select the “Firmware” tab
3) Click “Check for new Firmware”
4) Install and apply the new firmware
*This will reboot the device – so there will be approximately 5-10 minutes of downtime.

As of today, the update is not yet available, as Sophos is currently validating the kernel updates for Linux and other operating systems that are the basis of the firmware for their network security products. Sophos will be making available any necessary fixes (updated firmware or equivalent images, etc.) to the latest versions of the network security products listed below:

• Sophos Firewall OS (XG Firewall) 16.5 and 17. For V17 the update will be later than 17.0.3 MR3, and for V16 it will be later than 16.5.8 MR8.
• UTM (SG series) 9.5
• Sophos Firewall Manager (SFM) 16.5
• Cyberoam OS 10.6.6
• Sophos Web Appliance (SWA) 4.3.4
• Cyberoam Central Console 02.04.0 build 249
• Cyberoam iView 0.1.2.8
• Sophos iView 3.0.1.1

Please let us know if you want us to schedule and perform these actions for you.

For more details on the security updates and ways to mitigate the risk, please visit:

https://community.sophos.com/kb/en-us/128053?elqTrackId=8c5e237a7b17450f9226db252ddc3bf6&elq=c6747bdff10c4581bd647592f810a1e9&elqaid=2778&elqat=1&elqCampaignId=27145