Critical Palo Alto Networks software bug hits exposed firewalls

Mitigations first, patches shortly after: While Palo Alto Networks has announced fixes for affected PAN-OS branches, the company is urging customers to immediately reduce exposure rather than wait for patch windows. The vendor said the most important mitigation is restricting access to the User-ID Authentication Portal so it is reachable only from trusted internal IP addresses.

Organizations that do not rely on the Captive Portal feature are being advised to disable it entirely. Palo Alto also recommended disabling Response Pages on interfaces exposed to untrusted traffic while keeping them enabled only on trusted internal interfaces where legitimate users connect.

For customers with Threat Prevention subscriptions, Palo Alto said attacks can additionally be blocked using Threat ID 510019, included in Applications and Threats content version 9097-10022, though decoder support requires PAN-OS 11.1 or later.

First seen on csoonline.com

Jump to article: www.csoonline.com/article/4168343/critical-palo-alto-networks-software-bug-hits-exposed-firewalls.html
