Sophos update released firmware for Sophos Unified Threat Management, a proprietary hardware based security solution for company networks. The manufacturer also started actively distributing the security related update – Up2Date service. Sophos initially releases version 9.703 of the system software as security update available in the download area. However, they stopped the distribution after the update caused serious problems on some systems.
Sophos Has Published A Temporarily Unavailable Notice
Although the firmware update closes a number of vulnerabilities in the Sophos UTM appliances, admins should not install them for the time being. In the meantime, Sophos has published information on the possible problems and replaced the release notes of the firmware security update with a temporarily unavailable notice. Sophos is trying to determine the cause of the problems and plans to release a revised version of the update in good time. The manufacturer is currently distributing a pattern update for correction. This should remove the update from all UTMs that have obtained it from the Up2Date server within the past few days. Manual removal is therefore not necessary. This also makes it clear why corporate customers, but not private users, were affected.
The mentions problems with administrative access as well as connection problems related to the firewall as possible problems due to the incorrect update. After installing the firmware update, all connections from the network to the outside were interrupted. There were always dropouts even with internal connections. It was unable to solve this problem and recommended that Sophos remove the firmware update from the server. In the thread, other users describe problems with the firmware update. Even internal network connections would have been temporarily suspended.