WatchGuard has released several important updates to software for all product lines over the past couple of weeks to address reported vulnerabilities. Last month the OpenSSL team released an update for their popular SSL/TLS package, which fixes six security vulnerabilities in their product, including a relatively serious Man-in-the-Middle (MitM) flaw. More details about these vulnerabilities and their impact are available at the WatchGuard Security Center. If you are not already signed up, we recommend that you subscribe to the blog to get regular updates about security vulnerabilities, WatchGuard products, and general security news.
Here are the releases that have been posted to patch the vulnerable version of OpenSSL. As always, maintenance releases also include many significant bug fixes. Full details are listed in the Release Notes for each release.
- 11.3.8 for e-Series devices
- 11.6.8 for XTM 21,22,and 23 devices
- 11.7.5 for XTM devices
- 11.8.4 for XTM and Firebox T10 devices, which is also localized into all of the WatchGuard supported languages.
- 11.9.1 for XTM and Firebox T10 devices
- Hotfixes for version 9.2 and 10.0 for XCS appliances
- SSL 3.2 Update 2 for SSL 100 and 560 appliances.
Other highlights in the new Fireware 11.9.1 release include:
- Support for default gateway on different subnet
- Several improved warning and informational messages throughout the product
More information including screenshots are available in the What’s New presentation.
Do These Releases Pertain to Me?
The OpenSSL patch is available for all e-Series, XTM appliances, and Firebox T10. Please choose the version that is relevant for your environment and devices. Upgrade to 11.9.1 to get the latest enhancements to the product.
How Do I Get the Release?
e-Series, XTM, and Firebox appliances owners who have a current LiveSecurity Service subscription can obtain updates without additional charge by downloading the applicable packages from the Articles & Software section of WatchGuard’s Support Center. To make it easier to find the relevant software, be sure to uncheck the “Article” and “Known Issue” search options, and press the Go button. Select the appropriate downloads for your devices. Please read the Release Notes before you upgrade, to understand what’s involved.
If you need support, please enter a support incident online or call our support staff directly. (When you contact Technical Support, please have your registered Product Serial Number, LiveSecurity Key, or Partner ID available.)
- U.S. End Users: 877.232.3531
- International End Users: +1.206.613.0456
- Authorized WatchGuard Resellers: +1.206.521.8375
Don’t have an active LiveSecurity subscription for your XTM appliance? It’s easy to renew. Contact your WatchGuard reseller today. Find a reseller ?