Cisco Firepower Firewall Customers Told To Quickly Patch All The Things Or Bad Things Will Happen To Them

Uses of Cisco Firepower firewalls need to pay attention to this.

Cisco has put out a Field Notice advised that the SSL certificate authority used to sign certificates for Talos security intelligence updates will be decommissioned and replaced on March 6, 2022. What that means is that Firepower devices “might” not be able to receive Talos updates. Those updates contain lists of sites identified as sources of malware, spam, botnets, and phishing to these firewalls. The firewalls in turn can automatically apply them so that you don’t have to add to the always-growing list of threats manually. So in short, after March 6, you might not be protected from the latest threats that exist on the Interwebs. Which of course is bad.

Users of FirePOWER Services Software for ASA, Firepower Threat Defense (FTD) Software, Firepower Management Center Software, and Firepower 6.1.x through 7.1.x have therefore been advised they’ll need to update their software. The update is required for both physical firewalls and FirePOWER running in clouds. And the deadline for doing the update is March 5th. Which means that you don’t have a lot of time to do these updates which are already available. The only exception is those who run Firepower 7.1.x, who have been warned that their update is “Planned for release by March 1, 2022.” That’s four days which is an insanely short amount of time.

Thus you should prepare to get about patching all the things. Because you know that cybercriminals will be getting ready to pwn those who don’t patch all the things.

Leave a Reply

%d bloggers like this: