Cisco Firepower users must apply updates ASAP to prevent security holes


Affected and unpatched versions may not receive Talos security intelligence updates starting next week

Cisco has told users of its Firepower firewalls they must update their software by the 5th March to continue receiving Talos security intelligence patches.

Cisco's Field Notices alert customers to significant issues with Cisco products that are not security vulnerabilities and that generally require an update, workaround, or other customer action. In its Monday Field Notice, Cisco told customers that the existing SSL (Secure Sockets Layer) certificate authority that signed certificates for Talos security intelligence updates would be decommissioned and replaced on the 6th March. As a result, Talos updates for affected versions of Firepower 'might' fail after 5th March.

Talos security intelligence updates provide lists of sites recognised as sources of spam, phishing, malware, and botnets to Cisco equipment. Cisco products can apply these lists automatically, saving administrators time.

After the 5th March, affected platforms could find themselves unable to receive the most recent intelligence feeds (DNS Hosts, IPs, URLs) from Talos, potentially resulting in vulnerabilities.

Cisco has advised users of FirePOWER Services Software for ASA, Firepower Management Center (FMC) Software, Firepower Threat Defense (FTD) Software, and Firepower 6.1.x through 7.1.x to update as soon as possible.

Both physical firewalls and cloud-based FirePOWER require the upgrade. The Firepower Management Center and Firepower Device Manager must be updated, but Firepower Threat Defense may not need an update.

Cisco says no other content updates - such as Snort Rule Updates, Vulnerability Database, and Geolocation Database - will be affected.

The required updates are already available, except for those running Firepower 7.1.x, for which Cisco plans to release an update by 1st March.

Cisco released patches to fix 15 security vulnerabilities in the company's RV series small-business routers earlier this month. The company warned that these bugs, if unpatched, could enable attackers to do everything from remote code execution (RCE) to accessing corporate networks, without authentication in many cases.
