ATP100 - Signature date "Threat Intelligence Machine Learning" out of date

e_mano_e
e_mano_e Posts: 88  Ally Member
First Answer First Comment Friend Collector Fourth Anniversary
in Security

Hi,

I just updated the ATP100 to the latest firmware V5.36.

After that I manually updated the signatures of all services.

Now the "Threat Intelligence Machine Learning" service says "2017-12-11" as release date!?!

image.png

Is this intended or is this a bug in the latest firmware?

Thanks.

«1

All Replies

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,511  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
    edited April 2023

    Hi @e_mano_e ,

    Thanks for issue report.
    We have addressed the issue and will keep you updated stauts in this post.

  • itxnc
    itxnc Posts: 98  Ally Member
    First Comment Friend Collector Sixth Anniversary

    We're seeing the same thing on ATP and Flex w/Gold

  • PhilippeBkk
    PhilippeBkk Posts: 13  Freshman Member
    First Comment Friend Collector Fourth Anniversary

    Same for us. There are issue with Malware false positive detection. Zyxel ask to update signature but Threat Intelligence Machine Learning (TIML) remain from 2017
    2017-12-11 12:46:40 (UTC+07:00


  • e_mano_e
    e_mano_e Posts: 88  Ally Member
    First Answer First Comment Friend Collector Fourth Anniversary

    «but Threat Intelligence Machine Learning (TIML) remain from 2017
    2017-12-11 12:46:40 (UTC+07:00»

    This is a bug in the latest official firmware V5.36.

  • QuiteSmart
    QuiteSmart Posts: 48  Freshman Member
    Zyxel Certified Network Administrator - Nebula Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - WLAN

    hello with 5.35 the first manual attempt to update machine learning resulted in an error (but updates antimalware), trying again with antimalware up to date it works for TIML as well. current signature is 1.0.0.20230516.0

    2023-05-16 11:15:08 (UTC+01:00)

    hope this helps

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,511  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments

    The issue will be merged into next firmware, will update firmware schedule in this thread.

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,511  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments

    update!

    Firmware is ready.😀

    https://community.zyxel.com/en/discussion/17036/zld-v5-36wk23-firmware-release

  • aait
    aait Posts: 14  Freshman Member
    First Comment Friend Collector First Anniversary

    After the firmware update 5.36 Patch 2 all my ATP100 and ATP200 are again with TIML 1.0.0.20171211.1 When will this situation be fixed definitively? With every firmware update, it comes back

  • jonatan
    jonatan Posts: 185  Master Member
    5 Answers First Comment Friend Collector Seventh Anniversary
    edited May 2023

    @aait

    Install the weekly firmware.

    My ATP 200 has V5.36 installed(ABFW.1)ITS-23WK21-r109592, there are no problems with signatures.

  • aait
    aait Posts: 14  Freshman Member
    First Comment Friend Collector First Anniversary

    @jonatan

    I have installed ZLD4.73 & ZLD5.36 patch 2 on all firewalls I manage from USG210/310 to ATP500, I cannot install 23WK21 which is vulnerable to CVE-2023-33009 and CVE-2023-33010

Categories

Security Highlight


Read more

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)