back to article Exploit code for Palo Alto Networks zero-day now public

Various infosec researchers have released proof-of-concept (PoC) exploits for the maximum-severity vulnerability in Palo Alto Networks' PAN-OS used in GlobalProtect gateways. The PoCs started rolling out just a day after the vendor began releasing hotfixes for the issue on Monday. Researchers have echoed previous warnings …

  1. Furious Reg reader John

    PA should be doing better

    "Users who have a Threat Prevention subscription with Palo Alto Networks can also block attacks using Threat IDs 95187, 95189, and 95191 which are available via the Applications and Threats content."

    Perhaps PA should be providing this for free for every device.....

    1. IGotOut Silver badge

      Re: PA should be doing better

      I may be wrong as I've never used this kit, but it sounds like a "click to install" option, which my guess is it then pushes it out to all devices (I've used similar systems)

      If you don't have this, you just have to manually apply the fixes to all your devices manually.

    2. Anonymous Coward
      Anonymous Coward

      Re: PA should be doing better

      Arguably if you're running Palo's without Threat and Wildfire you may as well be on a less expensive platform, but they have stated they'll give anyone without Threat 90 days of it for free due to this CVE too.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like