Ask A Question

+44 (0) 345 260 8801 Remote Support Log a Case Client Area
Home>News>Sophos Security Update

Sophos Security Update

Sophos wants to make you aware of the memory isolation issues affecting Intel, AMD, and ARM processors and what actions you can take now. The flaw enables attack code to read anything in memory, which could lead to data or credential theft. The vulnerability is known by names such as Meltdown, Spectre, KPTI, KAISER and F**CKWIT. Patches were released by Microsoft, Linux, and other platforms on Jan 3, 2018. Because exploitation requires the execution of some form of attack code, Sophos products, which do not allow for any form of unauthorized code execution, are not at a high risk of attack.


Sophos Endpoint Security Products


Given that OS mitigations of the hardware vulnerability potentially impacts system stability and performance, Microsoft is advising customers to contact your security vendor before applying the patch. The security vendor will:


1. Confirm if their security software is compatible with the Windows update, and if so
2. Distribute an updated version of the security vendor’s software that sets a specific registry key which enables the Windows update


Sophos has completed testing of Windows update and can confirm compatibility. We will begin to automatically add the registry key setting to the following Sophos products starting Jan 5, 2018:


Endpoint Security

  • Sophos Central Endpoints/Servers
  • Sophos Enterprise Console Endpoints/Servers
  • Preview subscription
  • Recommended subscription
  • Sophos Endpoint Standalone
  • Sophos Virtual Environment (SVE)
  • UTM Managed Endpoints
  • Sophos Home


Sophos Endpoint customers wishing to apply the patch now, ahead of the Sophos update, can set the registry key manually as described in the Microsoft article: ADV180002. Alternatively, you can manually download and apply the patch without the registry key.


Sophos Network Security Products


Sophos is currently validating the kernel updates for Linux and other operating systems that are the basis of the firmware for our network security products. Sophos will be making available any necessary fixes (updated firmware or equivalent images, etc) to the latest versions of our network security products listed below:


Network Security

  • Sophos Firewall OS (XG Firewall) 16.5 and 17
  • UTM (SG series) 9.5
  • Sophos Firewall Manager (SFM) 16.5
  • Cyberoam OS 10.6.6
  • Sophos Web Appliance (SWA) 4.3.4
  • Cyberoam Central Console 02.04.0 build 249
  • iView


Sophos strongly recommends that if you are running a prior release of SFOS, SG, or CROS, you should upgrade to the latest version of SFOS. For all Sophos network security products please apply the latest maintenance releases to receive the patch when released.


For more information please read the following KBA on our support website:

Sophos Partner