• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

WatchGuard Releases Appliance Updates to Fix OpenSSL Flaws

July 10, 2014 By Corey Nachreiner

WatchGuard has released several important updates to software for all product lines over the past couple of weeks to address reported vulnerabilities. Last month the OpenSSL team released an update for their popular SSL/TLS package, which fixes six security vulnerabilities in their product, including a relatively serious Man-in-the-Middle (MitM) flaw. More details about these vulnerabilities and their impact are available at the WatchGuard Security Center. If you are not already signed up, we recommend that you subscribe to the blog to get regular updates about security vulnerabilities, WatchGuard products, and general security news.

Here are the releases that have been posted to patch the vulnerable version of OpenSSL.  As always, maintenance releases also include many significant bug fixes. Full details are listed in the Release Notes for each release.

  • 11.3.8 for e-Series devices
  • 11.6.8 for XTM 21,22,and 23 devices
  • 11.7.5 for XTM devices
  • 11.8.4 for XTM and Firebox T10 devices, which is also localized into all of the WatchGuard supported languages.
  • 11.9.1 for XTM and Firebox T10 devices
  • Hotfixes for version 9.2 and 10.0 for XCS appliances
  • SSL 3.2 Update 2 for SSL 100 and 560 appliances.

Other highlights in the new Fireware 11.9.1 release include:

  • Support for default gateway on different subnet
  • Several improved warning and informational messages throughout the product

More information including screenshots are available in the What’s New presentation.

Do These Releases Pertain to Me?

The OpenSSL patch is available for all e-Series, XTM appliances, and Firebox T10. Please choose the version that is relevant for your environment and devices. Upgrade to 11.9.1 to get the latest enhancements to the product.

How Do I Get the Release?

e-Series, XTM, and Firebox appliances owners who have a current LiveSecurity Service subscription can obtain updates without additional charge by downloading the applicable packages from the Articles & Software section of WatchGuard’s Support Center. To make it easier to find the relevant software, be sure to uncheck the “Article” and “Known Issue” search options, and press the Go button. Select the appropriate downloads for your devices. Please read the Release Notes before you upgrade, to understand what’s involved.

If you need support, please enter a support incident online or call our support staff directly. (When you contact Technical Support, please have your registered Product Serial Number, LiveSecurity Key, or Partner ID available.)

  • U.S. End Users: 877.232.3531
  • International End Users: +1.206.613.0456
  • Authorized WatchGuard Resellers: +1.206.521.8375

Don’t have an active LiveSecurity subscription for your XTM appliance? It’s easy to renew. Contact your WatchGuard reseller today. Find a reseller ?

Share This:

Related

Filed Under: Security Bytes, WatchGuard Articles Tagged With: Fireware, software update, SSL VPN, XCS

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • US National Cybersecurity Strategy
  • Cybersecurity’s Toll on Mental Health
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • Here Come The Regulations

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • Cybersecurity’s Toll on Mental Health
  • Successfully Prosecuting a Russian Hacker
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use