USG Series new firmware 4.62 Whats New?
Comments
-
Modifications in V4.62(AAPH.0)C0 - 2021/01/19[Standalone mode]1. [Vulnerability Fix] Potential Remote Code Execution vulnerability.2. [Vulnerability Fix] Buffer Overflow vulnerability0
-
There are a lot of firmware updates recently which concern us a little bit, especially because of those vulnerabiliy fixes. Zyxel should improve its quality management. We cannot reboot our production firewall so often.
1 -
Hi @Wolfgang
It will be in the announcement soon, thanks for your reminding.Hi @USG_User
Apologies for the inconvenience, we are doing our best in patching the critical vulnerabilities. This is in the best interest of everyone, especially the users, to secure from potential threats and reduce the chances of exploiting by hackers.
See how you've made an impact in Zyxel Community this year!
1 -
Hi @Zyxel_JeffI've tried to update USG60W from V4.60(AAKZ.1) to 4.62.(AAKZ0) and it looks like since 4.60 there is a Zyxel recurring issue during Fiormware update existing.
Backup startup-config before starting the firmware upgrade and get a know error message as below:
Converting stage1 for startup-config.conf is done.
......% (after 'encrypted-password'): Parse error
ERROR: config-backup setting mail-attach encrypted-password jiZhePgAa1....(shorted password).
Failed to apply startup configuration file and failover to previous firmware ...RollbackApplying system configuration file, please wait...
....% (after 'encrypted-password'): Parse error
ERROR: config-backup setting mail-attach encrypted-password jiZhePgAa1....(shorted password)
Failed to apply startup-config.conf. Try to apply periodical-backup.conf or lastgood.conf or system-default.conf
Save current startup-config.conf to start-config-bad.conf
ZyWALL system is configured successfully with lastgood.conf
Previous firmware upgrade failed - ERROR: config-backup setting mail-attach
encrypted-password jiZhePgAa1....(shorted password).The last backup (30 minutes old - before upgrade to new FW) also avoided by USG
I can understand that you provide security updates for the appliance for installation. But why is there now again since v4.60 for me not understandable error message and rolling them backward in the firmware update process ?
And during these difficult times for all of us, i would like to see better QM before a release is published.
Thanks for understanding
Chris
0 -
Update @Zyxel_Jeff
after i already had such problems with the update from 4.60.0 to 4.60.1, i have looked again at the case be zyxel EMEA. I wrote them the solution to fix my issue Also in the update from 4.60.0 to 4.60.1 it was a "do it your self", which then lifted my USG60 to the new version.
Solution (please do not use it in production and high avalibility areas)!
- Reset the ZyWALL to factory default
- Update the USG to the new Firmware
- Upload and import the config backup into your USG
I don't know why this is also showing an error but the arround 200 rules in my USG are working (layer3 based). the ISP Firewall is Layer7 and save my devices in a higher level and in the last 2 years without any update issue
Regards
Chris
0 -
More details would be nice, but here is what the update process says:1. Remote Code Execution vulnerability fix.Vulnerability Description:These are affected by a CGI vulnerability by the improper input sanitization of HTTP requests.It could allow Hackers to perform remote code execution via OS command injection.Affected Version:ZLD V4.35 and above2. Buffer Overflow vulnerability fix.Vulnerability Description:The buffer overflow vulnerability causes a program to overwrite a memory block, so the system might be unstable or terminate abnormally.Affected Version:ZLD V4.30 and above Recommended Action:Users are advised to upgrade to the latest firmware (ZLD4.62) or hotfix immediately for optimal protection.Thank you for choosing ZyWALL ATP and USG FLEX series. Zyxel is committed to continuously updating your devices for the most advanced features.0
-
Hi @ChrisGer
Thanks for your feedback.
Could you provide your startup-config.conf and diagnostic log of USG60W to me via private message?
Let us do more investigation .
See how you've made an impact in Zyxel Community this year!
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 147 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight