Security Alerts

Security Alert: Sophos Firewall Vulnerability

WorkSmart is aware of the recently discovered security vulnerability affecting Sophos Firewall. ManagedShield Firewalls provided as part of clients’ service plans have the patch installed and require no further action to mitigate this vulnerability.

We are continuing to work with clients that own their own firewall to ensure they’re protected.

What happened?

On March 25th, a critical security vulnerability, or flaw, was found in certain versions of Sophos firewalls.

The flaw, if exploited, allows a remote attacker to gain access to the firewall’s user portal or Webadmin interface. That access would give attackers control over the firewall.

What are the next steps?

Sophos quickly released hotfixes. If automatic installation of hotfixes is enabled, the patch reached firewalls automatically. Some older versions and end-of-life products need to be manually verified to ensure that they have been patched.

We also recommend restricting external access to the firewall’s user portal and Webadmin. It is best practice to require logging into the firewall from inside the network; for remote access and management, you can use a VPN to connect.

In its security advisory, Sophos also recommended that organizations have the “Allow automatic installation of hotfixes” feature enabled.

The Importance of Updating Software

Keeping your systems regularly updated is critical in defending against known cyber threats. This applies not only to computers and servers but all devices and software within your environment. Vendors fix vulnerabilities through software updates, so keeping your systems updated can help to stop cyber-attackers in their tracks as they look for vulnerabilities.

Contact us today if you have any concerns about your firewall, or if you’d like to discuss how to proactively manage security updates. We’re here to help.

Related Content:

11 Tips for Protecting Your Small Business from Cyber Attacks

Sophos Security Advisory