Two days ago, Google published a blog revealing the latest critical vulnerability (CVE-2015-7547) that affects all versions of a standard GNU C Library (glibc), a big component of Enterprise Linux, which is used widely in operating systems, firmware, software and applications. The IT community is now racing to assess the risk, and gauge the impact to IT infrastructure.
With the glibc vulnerability, cyber-criminals now have yet another software bug to exploit on a massive scale. A successful attacker can gain total control of a system through remote code execution. Once they gain ownership of a system, numerous bad things can happen including executing remote commands on a victim’s machine, elevating administrative privileges, gaining unfettered network access, evading detection, or running arbitrary code execution to laterally attack other machines.
The glibc vulnerability has the potential to do serious harm to an organization if proper steps are not taken to eliminate the security risk. Exercising fundamental cyber-hygiene, such as keeping your IT environment current with the latest security updates and having a written vulnerability management and response plan, are key pieces of your cyber-defense strategy that allow you to be more successful. However, there may be instances where your organization’s change control process prevents you from moving quickly on these risk mitigation steps.
SonicWall next-generation firewalls are not vulnerable, since they are not based on Linux and don’t use glibc. Further, the SonicWall Threat Research Team released an IPS signature for CVE-2015-7547 within hours after Google’s announcements. Any SonicWall next-generation firewall with an active IPS security service subscription was automatically updated with the latest countermeasures. All unpatched network systems, devices, software and applications behind SonicWall next-generation firewalls were immediately protected. This means that SonicWall next-generation firewalls provided immediate protection for over 600,000 networks worldwide on the same day the vulnerability was disclosed.
In this case, SonicWall gave our customers precious time to respond systematically to widespread network vulnerabilities. SonicWall technology can help you bolster your security posture without having to scramble to update your IT infrastructure.
For more information, details about the vulnerability and protection can be found in the SonicAlert article posted here: SonicALERT Feb. 16, 2016