Cisco IOS Software Security Advisory Bundle Announced

September 26, 2012 - 0 Comments

Today Cisco Security Intelligence Operations (SIO) has released its Semi-annual Cisco IOS Software Security Advisory Bundle, the second and final IOS bundle publication of 2012. Today’s release includes nine advisories, of which five have workarounds.

As in previous bundle publications, Cisco SIO has provided an array of security resources to help customers secure their networks. This collateral is not unique to bundle security advisories and instead is part of SIO’s response to current security events. Resources include:

  • Event Responses: correlated security information related to events, such as the bundle, that link content, such as IntelliShield alerts, CVE IDs, and CVSS scores, to a particular security vulnerability
  • IOS Software Checker Tool: a tool that enables customers to determine if Cisco IOS Software versions are affected by a security issue
  • Security Advisories and Responses: detailed security vulnerability information related to Cisco products and networks
  • Applied Mitigation Bulletins: techniques to detect and mitigate exploits on Cisco products.
  • IPS Signatures: detect and block network threats.

We hope you find these resources helpful as you seek to determine whether your network is affected by today’s announcement.

Unique to this release is a newly implemented security automation capability for OVAL and CVRF. These capabilities will reduce the complexity in parsing technical data and enable customers to respond to security issues with greater efficiency.

For more information about SCAP/OVAL and CVRF, check out the following resources:

The next Cisco IOS Software Security Advisory bundle is scheduled for release on the 27th of March 2013. Mark your calendar!

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.