11-12-2012 07:58 AM
Our vendor's just tipped us off to this:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121108-sophos
A lot of the Cisco articles just reference the same material; I'm having to guess the full impact of the bug from Sophos's own statement at:
http://www.sophos.com/en-us/support/knowledgebase/118424.aspx
I've checked my two low C-class, they reckon they're up to date and they're both running the problematic Sophos engine version.
Do we have any other information on this?
Solved! Go to Solution.
11-13-2012 06:23 AM
> I've sent my begging letters off to TAC via the usual forms.
Our C660s came from the factory with 30 day eval licenses for McAfee. You might want to check to see if yours did as well. It shows up as a dormant feature key, and gets activated when you turn on McAfee.
++Don
11-12-2012 02:26 PM
These are good:
They both have links to the research paper that announced the vulnerabilities. Basically, file parsers for four different file formats, PDF being the most prominent, are buggy and susceptible to remote exploitation via carefully crafted e-mail attachments. There are proof of concept exploits available, but I haven't seen any mention of an exploit targeted at AsyncOS.
We played it safe and followed Cisco's recommended workaround: on Friday afternoon we activated our 30 day eval license for McAfee (gotta love making significant configuration changes on Friday afternoon).
++Don
11-12-2012 02:27 PM
I've read in an RSS feed (which I accidentally deleted) about this bug and Cisco is happy to enable a 30-day license to use the McAffee system on the IronPort appliance.
11-12-2012 11:27 PM
Hi,
it should not take too long until a new Sophos engine will be released. Once released it will be downloaded via the update servers automaticallly. Until then please feel free to contact support and provide the serial numbers of your appliances and you will get a McAfee key valid for 30 days for all your appliances.
Regards,
Enrico
11-13-2012 12:00 AM
Thanks for the feedback, gentlebeings. I've sent my begging letters off to TAC via the usual forms.
Now to start worrying about all of our lapdogs running a certain EPP system!
11-13-2012 06:23 AM
> I've sent my begging letters off to TAC via the usual forms.
Our C660s came from the factory with 30 day eval licenses for McAfee. You might want to check to see if yours did as well. It shows up as a dormant feature key, and gets activated when you turn on McAfee.
++Don
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide