The script in this article allows Zimbra administrators to create checksums of all the files in a Zimbra installation. The output of the script can be used to identify unintended changes and newly created files. Such changes can for example be caused by hackers. You can use this script pro-actively by scheduling it in a […]
Tag Archives | security
Deprecation of the “X-XSS-Protection” header
Hello Zimbra Customers, Partners & Friends, In the past Zimbra recommended to set the X-XSS-Protection HTTP response header. This header used to enable additional protection against cross-site scripting (XSS) attacks in some web browsers. However this header is now deprecated and support is removed from most browsers. In case you have configured Zimbra to use […]
Zimbra Wiki to Latest Patches & More!
Hello Zimbra Friends, Looking for the latest Zimbra Patch? This Zimbra wiki page lists all Zimbra product releases with a link to the current Patch: https://wiki.zimbra.com/wiki/Zimbra_Releases Click a Patch link for additional details + installation instructions. Important Patch install info: Patches are cumulative, so you usually don’t need to install any prior patches. […]
[REPOST] Recent Zimbra XXE / SSRF Vulnerability Disclosure
This is a reposting of Rene’s original blog announcement on March 18, 2019. Please read and be sure that your Zimbra Patches are up-to-date! Hello Zimbra Friends, Background The Zimbra Security team has been working with security researcher An Trinh in advance of his recently-published blog post. In the blog, Trinh details his findings regarding […]
Install Zimbra Patches!
Zimbra releases software patches about every 4 weeks. Please install these patches … they are IMPORTANT to keep your Zimbra environment running smoothly. Patches address security vulnerabilities, software improvements, bug fixes and so much more. If you don’t install every patch, your Zimbra deployment could be at risk. Click here to see the latest Zimbra […]
Zimbra Tech Skillz: ABQ for Mobile Devices
Welcome to the first post of our new blog series: Zimbra Tech Skillz! Hello and welcome to our new series “Zimbra Tech Skillz”! As the name says, this blog series will focus on technical aspects of Zimbra. We hope you enjoy! In Zimbra 8.8.9 (Curie), there is a new feature called Allow/Block/Quarantine (ABQ). ABQ is a […]