Cisco Blogs


Cisco Blog > Security

T-7 Days to Improved Cisco IOS Security

The Cisco IOS Software Security Advisory Bundled Publication will go live in seven days and this time we will have an important update to the Cisco IOS Software Checker to go along with it.

As a reminder, the Cisco Product Security Incident Response Team (PSIRT) releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of March and September each calendar year. As is the case with the vast majority of our advisories, vulnerabilities scheduled for disclosure in these upcoming Security Advisories will normally have a Common Vulnerability Scoring System (CVSS) Base Score from 7.0 to 10.0 Read More »

Tags: , , , , , ,

T-7: The Bundle Countdown Begins…

It’s that time of year again—the Cisco IOS Software Security Advisory Bundled Publication will go live in seven days. As a reminder, the Cisco Product Security Incident Response Team (PSIRT) releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of March and September each calendar year. As is the case with the vast majority of our advisories, vulnerabilities scheduled for disclosure in these upcoming Security Advisories will normally have a Common Vulnerability Scoring System (CVSS) Base Score from 7.0 to 10.0.

To ensure you’re prepared for the upcoming publication, consider:

  • Creating a text file of all the Cisco IOS Software releases in your network
  • Assembling a simple list of Cisco IOS Software technologies and features you use
  • Noting your Cisco.com username and password
  • Locating the username and password for your Cisco IOS routers and switches
  • Ensuring network operation partners are prepared for the security advisory release
  • Reviewing the benefits of OVAL and CVRF content

Read More »

Tags: , , , ,

7-Day Forecast: Bundle Up!

It’s that time of year again—consider this post your friendly T-7 notice to start preparing for the final Cisco IOS Software Security Advisory Bundled Publication of 2013! As a reminder, the Cisco Product Security Incident Response Team (PSIRT) releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of March and September each calendar year. As is the case with the vast majority of our advisories, vulnerabilities scheduled for disclosure in these upcoming Security Advisories will normally have a Common Vulnerability Scoring System (CVSS) Base Score from 7.0 to 10.0.  Cisco security publications that disclose vulnerabilities scoring lower than 7.0 are described in our Cisco Security Vulnerability Policy. Read More »

Tags: , , , , ,

Cisco Security Disclosure: Help Us Help You!

April 15, 2013 at 4:00 am PST

Wow! We just published our tenth bundle of Cisco IOS Software Security Advisories and what a ride it’s been!! Way back when in the fall of 2008 when we produced our first Cisco IOS Software Security Advisory bundle, we had no idea of the impact that this delivery format would have on us internally and, more importantly, on you -- our customers!! The decision to deliver the biannual (on the fourth Wednesday of every March and September) Cisco IOS Software Security Advisory Bundled Publication brought with it many challenges, process changes, and—in the end—a format for Cisco Vulnerability Disclosure that we hope addresses at least some of your concerns. This format was modeled after the scheduled monthly release used by Microsoft for years, known affectionately as “Microsoft Tuesday” and based on requests we heard through discussions with many of our customers.

Read More »

Tags: , , , ,

March 2013 Cisco IOS Software Security Advisories: T-7 and Counting!

It’s that time of year again, folks. On Wednesday of next week, the Cisco Product Security Incident Response Team (PSIRT) will release the first Cisco IOS Software Security Advisory Bundled Publication of 2013. As a reminder, Cisco releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of March and September each calendar year. As is the case with the vast majority of our security advisories, vulnerabilities scheduled for disclosure in the upcoming bundle will normally have a Common Vulnerability Scoring System (CVSS) Base Score from 7.0 to 10.0.

Read More »

Tags: , , , , ,