A set of Windows client security patches for multiple SafeGuard products has been released to address a number of security issues.
It is highly recommended to apply the patch to all affected SafeGuard Enterprise, SafeGuard Easy and SafeGuard LAN Crypt Windows clients.
Applies to the following Sophos products and versions
- SafeGuard Enterprise Client for Windows 8.00 (all modules)
- SafeGuard Enterprise Client for Windows 7.00 (all modules)
- SafeGuard Easy 7.00
- SafeGuard LAN Crypt client 3.95.1
- SafeGuard LAN Crypt client 3.90.2
- SafeGuard LAN Crypt client 3.90.1 TS
- SafeGuard LAN Crypt client 3.95.1 TS
Kyriakos Economou from Nettitude has disclosed a number of security issues within SafeGuard Enterprise to Sophos following our Responsible Disclosure Policy. Sophos is not aware of any attacks leveraging these vulnerabilities or of any exploits being available for them.
The vulnerabilities are present within all configurations of SafeGuard Enterprise (SGN), SafeGuard Easy (SGE) and SafeGuard LAN Crypt (SGLC) clients running on Windows. Exploitation of these vulnerabilities requires running malicious code on the target machine and can result in privilege escalation. The vulnerabilities are not remotely exploitable (i.e. over the network).
The CVE numbers reserved for these issues are: CVE-2018-6857, CVE-2018-6855, CVE-2018-6852, CVE-2018-6851, CVE-2018-6856, CVE-2018-6853, CVE-2018-6854. Please note that these issues are in RESERVED state until publication by the researcher.
Patches for all currently supported product versions, as well as selected product versions already out of support/maintenance, can be found below. Sophos recommends always keeping your products up to date and using currently supported versions. However, we are exceptionally providing patches for select versions that are no longer supported, in case some customers cannot move immediately to a supported version. Please see the Retirement calendar for SafeGuard Products for details on older versions.
Please refer to the following KBAs for instructions on how to download and install the patch for the desired product:
- SafeGuard Enterprise 8.0
- SafeGuard Enterprise 7.0 / SafeGuard Easy 7.0
- SafeGuard Enterprise 6.10 / SafeGuard Easy 6.10
- SafeGuard Enterprise 6.0x / SafeGuard Easy 6.0x
- SafeGuard LAN Crypt 3.9x
Note: A patch for SafeGuard Enterprise Client for Windows 5.60.3 VS-NfD is provided separately. Please contact Sophos Support for information on how to receive and install this patch.