Sophos released UTM 9.705. The release will be rolled out in phases.
- In phase 1 you can download the update package from their download server
- In phase 2 they will make it available via their Up2Date servers to all installations
Up2Date Information for 9.705
- Maintenance Release
- System will be rebooted
- NUTM-12235 [Basesystem, SUM] UTM not accessible through SUM gateway manager
- NUTM-12234 [Basesystem] Remote Code Execution vulnerability in UTM WebAdmin
- NUTM-12250 [Wireless] AP Wireless Networks restart continuously-9.704
IMPORTANT: This release fixes a Remote Code Execution vulnerability in UTM WebAdmin, which, if you have the WebAdmin or Userportal open to any IP – which of course you have not, it could be exploited!! During COVID-19 there has been a lot of attacks on the perimeter equiment, so an exploit is likely to happen!
Another fix is that when you use Single Sign On from SUM, you will not get to the dashboard of the UTM, this is fixed with 9.705 also – I have tested it 🙂