ATP100 - Signature date "Threat Intelligence Machine Learning" out of date

e_mano_e Posts: 87  Ally Member

Hi,

I just updated the ATP100 to the latest firmware V5.36.

After that I manually updated the signatures of all services.

Now the "Threat Intelligence Machine Learning" service says "2017-12-11" as release date!?!

Is this intended or is this a bug in the latest firmware?

Thanks.


All Replies

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,444  Zyxel Employee
    edited April 2023

    Hi @e_mano_e ,

    Thanks for the issue report.
    We have addressed the issue and will keep you updated on the status in this post.

  • itxnc
    itxnc Posts: 98  Ally Member

    We're seeing the same thing on ATP and Flex w/Gold

  • PhilippeBkk
    PhilippeBkk Posts: 13  Freshman Member

    Same for us. There are issues with malware false positive detection. Zyxel asks to update the signature, but Threat Intelligence Machine Learning (TIML) remains from 2017
    2017-12-11 12:46:40 (UTC+07:00)


  • e_mano_e
    e_mano_e Posts: 87  Ally Member

    «but Threat Intelligence Machine Learning (TIML) remains from 2017
    2017-12-11 12:46:40 (UTC+07:00)»

    This is a bug in the latest official firmware V5.36.

  • QuiteSmart
    QuiteSmart Posts: 33  Freshman Member

    Hello, with 5.35 the first manual attempt to update machine learning resulted in an error (but updates antimalware); trying again with antimalware up to date, it works for TIML as well. Current signature is 1.0.0.20230516.0

    2023-05-16 11:15:08 (UTC+01:00)

    Hope this helps.

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,444  Zyxel Employee

    The issue will be merged into the next firmware; we will update the firmware schedule in this thread.

  • aait
    aait Posts: 14  Freshman Member

    After the firmware update 5.36 Patch 2, all my ATP100 and ATP200 are again with TIML 1.0.0.20171211.1. When will this situation be fixed definitively? With every firmware update, it comes back.

  • jonatan
    jonatan Posts: 145  Ally Member
    edited May 2023

    @aait

    Install the weekly firmware.

    My ATP 200 has V5.36 installed (ABFW.1)ITS-23WK21-r109592; there are no problems with signatures.

  • aait
    aait Posts: 14  Freshman Member

    @jonatan

    I have installed ZLD4.73 & ZLD5.36 patch 2 on all firewalls I manage, from USG210/310 to ATP500. I cannot install 23WK21, which is vulnerable to CVE-2023-33009 and CVE-2023-33010.
