All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of September 26th, 2022. I’ve also included some comments on these stories.

Sophos Firewall Zero-Day Exploited in Attacks on South Asian Organizations

UK-based cybersecurity company Sophos has warned customers that a new zero-day vulnerability affecting some of its firewall products has been exploited in attacks, SecurityWeek reports. According to an advisory published on Friday, version 19.0 MR1 (19.0.1) and older of Sophos Firewall are affected by a critical vulnerability that can be exploited for remote code execution.

Sophos Firewall was subject to a zero-day vulnerability affecting versions 19.0 MR1 and prior. The vulnerability, located in the User Portal and Webadmin components, allowed attackers to execute code on vulnerable systems. Sophos has released a patch to fix this issue. It is also recommended not to expose the User Portal and Webadmin interfaces to the internet.

Windows 11 22H2 blocked due to blue screens on some Intel systems

Microsoft is now blocking the Windows 11 22H2 update from being offered on some systems with Intel Smart Sound Technology (SST) audio drivers. The company also put a safeguard hold in place because this known issue triggers blue screens of death (BSODs) on affected systems, BleepingComputer notes.

Be cautious when upgrading to Windows 11 22H2. This update has been known to cause BSODs on certain systems with Intel Smart Sound Technology audio drivers. The issue stems from an incompatibility between Intel Smart Sound Technology on 11th Gen Core processors and Windows 11. It is recommended not to force the update with the Media