Hello Zimbra Friends, Looking for the latest Zimbra Patch? This Zimbra wiki page lists all Zimbra product releases with a link to the current Patch: https://wiki.zimbra.com/wiki/Zimbra_Releases Click a Patch link for additional details + installation instructions. Important Patch install info: Patches are cumulative, so you usually don’t need to install any prior patches. […]
Tag Archives | security
[REPOST] Recent Zimbra XXE / SSRF Vulnerability Disclosure
This is a reposting of Rene’s original blog announcement on March 18, 2019. Please read and be sure that your Zimbra Patches are up-to-date! Hello Zimbra Friends, Background The Zimbra Security team has been working with security researcher An Trinh in advance of his recently-published blog post. In the blog, Trinh details his findings regarding […]
Install Zimbra Patches!
Zimbra releases software patches about every 4 weeks. Please install these patches … they are IMPORTANT to keep your Zimbra environment running smoothly. Patches address security vulnerabilities, software improvements, bug fixes and so much more. If you don’t install every patch, your Zimbra deployment could be at risk. Click here to see the latest Zimbra […]
Zimbra Tech Skillz: ABQ for Mobile Devices
Welcome to the first post of our new blog series: Zimbra Tech Skillz! Hello and welcome to our new series “Zimbra Tech Skillz”! As the name says, this blog series will focus on technical aspects of Zimbra. We hope you enjoy! In Zimbra 8.8.9 (Curie), there is a new feature called Allow/Block/Quarantine (ABQ). ABQ is a […]
#EFAIL: Zimbra Not Affected
There has been active commentary about the “EFAIL” paper released May 14 by a German and Belgian research team that presented potential vulnerability in PGP and S/MIME encrypted emails. The Zimbra Security team has analyzed the paper and tested Zimbra for any exposure to the EFAIL attack patterns. The Results? Good news. Zimbra S/MIME solutions […]
Zimbra Admin Alert … Potential “memcrashd” attack
Zimbra memcached may face the “memcrashd” attack on port 11211. By default, memcached listens on a server IP address that is accessible on the network and via the internet if there is no firewall. If your Zimbra memcache servers are behind a firewall, we recommend blocking access on port 11211 from the Internet to Zimbra […]