T-7: The Bundle Countdown Begins…
It’s that time of year again—the Cisco IOS Software Security Advisory Bundled Publication will go live in seven days. As a reminder, the Cisco Product Security Incident Response Team (PSIRT) releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of March and September each calendar year. As is the case with the vast majority of our advisories, vulnerabilities scheduled for disclosure in these upcoming Security Advisories will normally have a Common Vulnerability Scoring System (CVSS) Base Score from 7.0 to 10.0.
To ensure you’re prepared for the upcoming publication, consider:
- Creating a text file of all the Cisco IOS Software releases in your network
- Assembling a simple list of Cisco IOS Software technologies and features you use
- Noting your Cisco.com username and password
- Locating the username and password for your Cisco IOS routers and switches
- Ensuring network operation partners are prepared for the security advisory release
- Reviewing the benefits of OVAL and CVRF content
And please don’t forget one of the most important resources—The Cisco IOS Software Checker! By far, this tool is the quickest method to determine exposure to vulnerabilities in Cisco IOS Software. Just initiate a search by selecting releases from the drop-down menu or uploading a file from your local system. Results can be customized by searching against all previously published Cisco Security Advisories, a specific publication, or all the advisories in the March 2014 Bundled Publication. Why don’t you test the tool now so you’re ready for next Wednesday?
Make sure to return to the Cisco Security Blog on March 26, 2014, for more details on the seminannual disclosure. Worried about keeping track of upcoming disclosures? How about subscribing to one of our RSS feeds, or reviewing Tim Sammut‘s post about the variety of tools that allow you to stay up to date with our advisories.
And, as always, please visit the Cisco Security Intelligence Operations (SIO) Portal to peruse the wealth of available content—best practices and white papers, the Cisco Security Blog , Security Advisories , Applied Mitigation Bulletins , IntelliShield alerts , and IPS signature information —to help you detect and mitigate threats on your network.