Palo Alto Security Advisory - PAN-OS 7.0.0

Date: 20/7/2015

Palo Alto have recently informed any customers that have registered their Palo Alto device and are running PAN-OS 7.0.0 of a critical security vulnerability affecting PAN-OS 7.0.0. 

If you are currently running PAN-OS 7.0.0 on at least one of your Palo Alto Networks devices, you will need to upgrade to PAN-OS 7.0.1

With regards to the critical security vulnerability affecting PAN-OS 7.0.0,  this specifically affects devices configured to use LDAP authentication for captive portal or for device management, including Panorama. 

The issue does not exist if you are using Radius or local authentication instead of LDAP or any PAN-OS release other than 7.0.0.

The PAN-OS 7.0.0 release has been removed from the update server and they have made available PAN-OS 7.0.1, which addresses the issue.  Due to the critical nature of this vulnerability, Palo Alto strongly advise all customers who have installed PAN-OS 7.0.0 to upgrade as soon as possible to PAN-OS 7.0.1.  Alternatively, you can revert to an older version of PAN-OS, such as PAN-OS 6.1 or PAN-OS 6.0.

Palo Alto apologise for this issue and they are available to help. If you have any questions related to this advisory or the update process, please do not hesitate to reach out to your support provider or Palo Alto.

Palo Alto have also informed Teneo of a vulnerability in Microsoft Font Driver Could Allow Remote Code Execution (CVE-2015-2426 - MS15-078).

IPS Coverage for CVE-2015-2426 - MS15-078, Vulnerability in Microsoft Font Driver Could Allow Remote Code Execution

Date:  21-Jul-2015 01:59 version 2

Keep up to date with the latest news

The Teneo Technical Support Team will be keeping up to date with all of the latest information and updates, so please get in touch with any questions or concerns at support@teneo.net

To keep up to date with what we know, follow us on Twitter