informa
/
Risk
Quick Hits

SonicWall Releases Second Set of February Firmware Patches

The latest patches, for its SMA 100 series products, comes less than three weeks after an updates to patch a zero-day vulnerability.

Network security firm SonicWall today released a new set of firmware patches for its SMA 100 series products, which provide workers with remote access to internal resources. 

The release is an update to a previous alert from Feb. 3, in which the firm warned that a remote attacker could exploit a vulnerability in versions of the products' SMA 10 code prior to 10.2.0.5-29sv to take control of an affected system. The company says even organizations that have applied the firmware update still need to upgrade to SMA 10.2.0.6-32sv. 

Related Content:

Microsoft Defender Zero-Day Fixed in First Patch Tuesday of 2021

Special Report: 2020 State of Cybersecurity Operations and Incident Response

New From The Edge: Security + Fraud Protection: Your One-Two Punch Against Cyberattacks

The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) is also advising users and administrators to review the updated SonicWall alert and apply the necessary patches as soon as possible.

In January, SonicWall said it detected an attack "by highly sophisticated threat actors exploiting probably zero-day vulnerabilities on certain SonicWall secure remote access products." 

The coordinated attack is one of several on security vendors of late, including Microsoft, FireEye, and Malwarebytes.

Read more here and here.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5