Palo Alto Security Advisory - PAN-OS 7.0.0
Palo Alto have recently informed any customers that have registered their Palo Alto device and are running PAN-OS 7.0.0 of a critical security vulnerability affecting PAN-OS 7.0.0.
If you are currently running PAN-OS 7.0.0 on at least one of your Palo Alto Networks devices, you will need to upgrade to PAN-OS 7.0.1
With regards to the critical security vulnerability affecting PAN-OS 7.0.0, this specifically affects devices configured to use LDAP authentication for captive portal or for device management, including Panorama.
The issue does not exist if you are using Radius or local authentication instead of LDAP or any PAN-OS release other than 7.0.0.
The PAN-OS 7.0.0 release has been removed from the update server and they have made available PAN-OS 7.0.1, which addresses the issue. Due to the critical nature of this vulnerability, Palo Alto strongly advise all customers who have installed PAN-OS 7.0.0 to upgrade as soon as possible to PAN-OS 7.0.1. Alternatively, you can revert to an older version of PAN-OS, such as PAN-OS 6.1 or PAN-OS 6.0.
Palo Alto apologise for this issue and they are available to help. If you have any questions related to this advisory or the update process, please do not hesitate to reach out to your support provider or Palo Alto.
Palo Alto have also informed Teneo of a vulnerability in Microsoft Font Driver Could Allow Remote Code Execution (CVE-2015-2426 - MS15-078).
IPS Coverage for CVE-2015-2426 - MS15-078, Vulnerability in Microsoft Font Driver Could Allow Remote Code Execution
Today, Monday, July 20th, Microsoft released Security Bulletin MS15-078, Vulnerability in Microsoft Font Driver Could Allow Remote Code Execution (3079904), CVE-2015-2426. Palo Alto Networks is planning to release an IPS signature for this vulnerability with the normal weekly content release, #516, targeted for Tuesday, July 21st. The vulnerability could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts. For more information about the vulnerability, please see https://technet.microsoft.com/library/security/MS15-078.
Keep up to date with the latest news
The Teneo Technical Support Team will be keeping up to date with all of the latest information and updates, so please get in touch with any questions or concerns at firstname.lastname@example.org
To keep up to date with what we know, follow us on Twitter