Hello Zimbra Friends, Customers & Partners, A new security patch has been released to further address CVE-2022-27924. This issue has been ranked as High by the Zimbra Team and we recommend that you use the most recent release available to avoid any issues. Zimbra 9.0.0 “Kepler” Patch 24.1 Patch 24.1 has been released as a […]
Author Archive | John Eastman
Security Update: Zimbra not vulnerable to recent OpenSSL and Spring RCE Vulnerabilities
Hello Zimbra Friends, Customers & Partners, New vulnerabilities in the OpenSSL and Spring Framework projects have been all over the news lately. The Zimbra Engineering team has spent some time digging into these issues to understand any potential impact to Zimbra. The good news is Zimbra does not appear to be affected by the recent […]
Update … Hotfix Available 5 Feb for Zero-day Exploit Vulnerability in Zimbra 8.8.15
Hello Zimbra Friends, Customers & Partners, This is an update to our statement Friday, 4 February … A new Zero-day exploit has been identified that affects Zimbra 8.8.15. Zimbra 8.8.15p30 has been updated and is now available. This critical issue affects all versions of Zimbra 8.8.15, and you are strongly encouraged to update to the […]
Hotfix Available 5 Feb for Zero-day Exploit Vulnerability in Zimbra 8.8.15
Hello Zimbra Friends, Customers & Partners, A new Zero-day exploit has been identified that affects Zimbra 8.8.15. Since learning of the reported vulnerability, Zimbra Engineering has verified the issue and produced a hotfix (for 8.8.15 p30). The hotfix will be available to Zimbra customers through Zimbra Support. A durable fix for the issue is undergoing […]