Home›Software Updates›Important Sophos Security Advisory for Sophos Mobile and Sophos Mobile Control

Important Sophos Security Advisory for Sophos Mobile and Sophos Mobile Control

26/03/2018

2460

Sophos has released a security update to Sophos Mobile and Sophos Mobile Control installed on premises. Customers running Sophos Mobile managed in Sophos Central or the hosted Sophos Mobile as a Service are not affected by this issue.

This update fixes a security bypass bug that could allow an unauthenticated user to access the administration console or the self-service portal.

This vulnerability was responsibly disclosed to Sophos on 2018-03-21. We are not aware of any attempts to exploit this bug in the wild.

We have assessed this update as critical and therefore advise you to install the update as soon as possible.

•	If you have Sophos Mobile or Sophos Mobile Control version 6.0 or later, please login to the Sophos License Portal, download the security patch for your version and apply immediately.
•	If you have Sophos Mobile Control 5.1 or earlier, you need to upgrade to the current version. For more information please read the articlehttps://community.sophos.com/kb/128031.