We are sending this advance notification of an Emergency Applications & Threat content package on behalf of Palo Alto Networks because we feel it contains important threat protections meriting immediate action upon availability. Palo Alto plan to release the emergency content package on Monday, February 6, 2017 around 9:00AM Pacific Time and we highly recommend that customers install this package upon its release. This emergency content release will contain coverage for a recently announced Microsoft SMB DoS vulnerability (CVE-2017-0016), a WordPress REST API vulnerability and a Sundown Exploit Kit.
Currently unrelated to content release 659, we feel it is important to note that a handful of (PA-5000 and PA-3000 series) device restart incidents have been reported recently and may be associated with content release 658.
The devices restarted once after the installation of content version 658, which caused a High Availability (HA) failover. At this time, the root cause of this issue is unknown. We are thoroughly investigating the matter and while it is possible that a small number of customers may see their PA-5000 and PA-3000 series devices restart after installing content version 659, customers who have deployed HA according to best practices should see little or no traffic disruption due to this issue. Should this issue continue, we still highly recommend customers proceed with content release 659 due to the criticality of the items it includes.
We regret any inconvenience this may have caused and thank you for your patience as we work to resolve this issue. Should you have any questions or experience any disruptions, please don’t hesitate to reach out to your support provider or Palo Alto Networks Customer Support at https://live.paloaltonetworks.com/t5/custom/page/page-id/Support.