SonicWall Staff

How SonicWall Guards Against the Glibc Vulnerability

By

Two days ago, Google published a blog revealing the latest critical vulnerability (CVE-2015-7547) that affects all versions of a standard GNU C Library (glibc), a big component of Enterprise Linux, which is used widely in operating systems, firmware, software and applications. The IT community is now racing to assess the risk, and gauge the impact to IT infrastructure.

With the glibc vulnerability, cyber-criminals now have yet another software bug to exploit on a massive scale. A successful attacker can gain total control of a system through remote code execution. Once they gain ownership of a system, numerous bad things can happen including executing remote commands on a victim’s machine, elevating administrative privileges, gaining unfettered network access, evading detection, or running arbitrary code execution to laterally attack other machines.

The glibc vulnerability has the potential to do serious harm to an organization if proper steps are not taken to eliminate the security risk. Exercising fundamental cyber-hygiene, such as keeping your IT environment current with the latest security updates and having a written vulnerability management and response plan, are key pieces of your cyber-defense strategy that allow you to be more successful. However, there may be instances where your organization’s change control process prevents you from moving quickly on these risk mitigation steps.

SonicWall next-generation firewalls are not vulnerable, since they are not based on Linux and don’t use glibc.  Further, the SonicWall Threat Research Team released an IPS signature for CVE-2015-7547 within hours after Google’s announcements.  Any SonicWall next-generation firewall with an active IPS security service subscription was automatically updated with the latest countermeasures. All unpatched network systems, devices, software and applications behind SonicWall next-generation firewalls were immediately protected. This means that SonicWall next-generation firewalls provided immediate protection for over 600,000 networks worldwide on the same day the vulnerability was disclosed.

In this case, SonicWall gave our customers precious time to respond systematically to widespread network vulnerabilities. SonicWall technology can help you bolster your security posture without having to scramble to update your IT infrastructure.

For more information, details about the vulnerability and protection can be found in the SonicAlert article posted here: SonicALERT Feb. 16, 2016

SonicWall Staff
Recommended Cyber Security Stories
Securing Your Network Before, During and After Black Friday
Ten Tips for Protecting POS Systems from Memory Scraping Malware
Network Security Designs for Your Retail Business
Protect Web Applications Running Private, Public or Hybrid Cloud Environments
Meet the New SonicWall NSA 2650 Next-Gen Firewall – Where Faster Meets More Secure
How to Transform Your Network Security Infrastructure To Be Future-Ready
Why Digital Currencies Like Bitcoin Should Be on Your (security) Radar
Chocolate and Network Security: A Match Made in Heaven
Next Steps to Defend Against Cyber Attacks Microsoft NPS RADIUS DoS

Pin It on Pinterest