ATP100 - Signature date "Threat Intelligence Machine Learning" out of date

e_mano_e

Hi,

I just updated the ATP100 to the latest firmware V5.36.

After that I manually updated the signatures of all services.

Now the "Threat Intelligence Machine Learning" service says "2017-12-11" as release date!?!

Is this intended or is this a bug in the latest firmware?

Thanks.

Zyxel_Cooldia

Hi @e_mano_e ,

Thanks for issue report.
We have addressed the issue and will keep you updated stauts in this post.

itxnc

We're seeing the same thing on ATP and Flex w/Gold

PhilippeBkk

Same for us. There are issue with Malware false positive detection. Zyxel ask to update signature but Threat Intelligence Machine Learning (TIML) remain from 2017
2017-12-11 12:46:40 (UTC+07:00

e_mano_e

«but Threat Intelligence Machine Learning (TIML) remain from 2017
2017-12-11 12:46:40 (UTC+07:00»

This is a bug in the latest official firmware V5.36.

QuiteSmart

hello with 5.35 the first manual attempt to update machine learning resulted in an error (but updates antimalware), trying again with antimalware up to date it works for TIML as well. current signature is 1.0.0.20230516.0

2023-05-16 11:15:08 (UTC+01:00) hope this helps

Zyxel_Cooldia

The issue will be merged into next firmware, will update firmware schedule in this thread.

Zyxel_Cooldia

update!

Firmware is ready.😀

https://community.zyxel.com/en/discussion/17036/zld-v5-36wk23-firmware-release

aait

After the firmware update 5.36 Patch 2 all my ATP100 and ATP200 are again with TIML 1.0.0.20171211.1 When will this situation be fixed definitively? With every firmware update, it comes back

jonatan

@aait

Install the weekly firmware.

My ATP 200 has V5.36 installed(ABFW.1)ITS-23WK21-r109592, there are no problems with signatures.

aait

@jonatan

I have installed ZLD4.73 & ZLD5.36 patch 2 on all firewalls I manage from USG210/310 to ATP500, I cannot install 23WK21 which is vulnerable to CVE-2023-33009 and CVE-2023-33010