 [German]There have been problems with the firmware update for Sophos UTM 9.703, as well as with the update for Sophos XG Firewall v18 MR1. The patches were then withdrawn by Sophos. Now the revision Sophos UTM 9.703-3 has been released again.
[German]There have been problems with the firmware update for Sophos UTM 9.703, as well as with the update for Sophos XG Firewall v18 MR1. The patches were then withdrawn by Sophos. Now the revision Sophos UTM 9.703-3 has been released again.   
The trouble with Sophos security updates
First a short review. A few weeks ago the company released firmware updates for the Sophos UTM to version 9.703, as well as an update v18 MR1 for the Sophos XG Firewall. This was intended to close several known vulnerabilities that were preventing the Sophos UTMs and Sophos XG firewalls from taking over. 
In mid-April 2020, in the blog post Stop: Don't install Sophos UTM 9.703 Firmware, I mentioned that this firmware should not be installed due to serious issues. Sophos then pulled this firmware for Sophos UTM. The German edition of the above blog post was commented on by blog reader Matthias Gutowsky (thank you for that), pointing out that the same problem exists with the Sophos XG Firewall. In this Sophos Community post, dated from April 14, 2020, it was noted that Sophos XG Firewall v18 MR1 had also been withdrawn and that a new version was being worked on.
Sophos re-released a UTM firmware update
I announced last week in the German article Sophos Firmware Sophos UTM 9.703 Revision diese Woche, that Sophos was testing a revised firmware for its Sophos UTM. Sophos announded that it wanted this revision released soon. Thorsten Sult posted today this comment (thank you for that) and pointed out that firmware 9.703-3 for Sophos UTM has been released. .
Thorsten Sult has written an addendum to his German blog post. He linked to the advisory Sophos UTM – Traffic not passing after upgrading to v9.703, dated April 23, 2020. The fix NUTM-11173, which caused the issues, has been removed from UTM 9.703-3.
I read within the advisory that only four customers have encountered issues with Sophos and the old update – I can't tell if more were affected. This post in the Sophos community points out that there are two updates (for customers with UTM 9.702 and for customers with UTM 9.703-2).
Similar articles:
Stop: Don't install Sophos UTM 9.703 Firmware
Sophos Firmware Sophos UTM 9.703 Revision diese Woche
0-day vulnerability in Sophos XG Firewall under attack
 
			


