Palo Alto Networks released this emergency content update to modify coverage for a Microsoft SMB Remote Code Execution Vulnerability for exploits seen in the wild related to the WanaCryptor ransomware attacks.
Customers are advised to upgrade all firewalls and appliances to the latest version of Content Apps and Threats and review policies to ensure desired actions are configured on all security policies.
Beginning with content release version 693-3991, content release updates extend the Panorama CA certificate that is expiring on June 16, 2017. For firewalls to continue to work with Panorama and Log Collectors after June 16, 2017, you must do one of the following:
- Update the Content running on Panorama and the Log Collectors:
- Install content release version 693-3991 or a later content update on Panorama and all Log Collectors.
- After updating the content, reboot Panorama and the Log Collectors to complete the certificate replacement.
- Upgrade the Panorama Software running on Panorama and the Log Collectors to a software OS version listed here:
https://live.paloaltonetworks.com/t5/General-Topics/Panorama-Certificate-Expiration-on-June-16-2017/m-p/150948/thread-id/50050
For additional information about your options for replacing the Panorama CA, go to:
https://live.paloaltonetworks.com/t5/General-Topics/Panorama-Certificate-Expiration-on-June-16-2017/m-p/150948/thread-id/50050
Modified Vulnerability Signatures (1)
Severity |
ID |
Attack Name |
CVE ID |
Vendor ID |
Default Action |
Minimum PAN-OS Version |
critical |
32422 |
Microsoft Windows SMB Remote Code Execution Vulnerability |
CVE-2017-0144 |
MS17-010 |
reset-both |
5.0.0 |
Comments
0 comments
Article is closed for comments.