Emergency Palo Alto Networks Content Update

[icecream-guy]

Applications and Threats Content Release Notes
Version 8384
Notices:
•    Palo Alto Networks released this emergency content update to add coverage for two critical vulnerabilities recently disclosed by F5 Networks for which proof-of-concept code exists in the wild:
o   TMM buffer-overflow vulnerability (CVE-2021-22991)
o   Advanced WAF/ASM buffer-overflow vulnerability (CVE-2021-22992)
•   Also, Palo Alto Networks announces new App-IDs that will be released with the content update scheduled for March 16, 2021. Customers running a PAN-OS 8.1 or later release are encouraged to leverage an Application Filter to adopt new App-IDs.
Reminders:
•   (2/18/21)  We added placeholder App-IDs for the Unified Messaging Application Services (UMAS) protocol with content update 8377. Currently, UMAS traffic is identified as modbus-base but—starting with the content release scheduled for April 20, 2021—this traffic will be identified as umas-base or one of the UMAS functional App-IDs. You should begin adding these placeholder App-IDs to your Security policy rules where appropriate to prepare for the April release. For more information, review the details here: https://live.paloaltonetworks.com/t5/customer-  resources/release-plan-for-umas-protocol-app-ids/ta-p/379695.
•   (12/1/20) Action Required for Customers Running PAN-OS 7.1 or PAN-OS 8.0 releases

Due to challenges faced by our customers during the COVID-19 pandemic, we are extending the availability of WildFire, Antivirus, and Applications and Threats content updates for Firewalls and Panorama appliances running PAN-OS 7.1 and PAN-OS 8.0 through June 30, 2021. As per the Palo Alto Networks end-of-life (EoL) summary (determined by the end-of-life (EoL) policy), PAN-OS 7.1 and PAN-OS 8.0 reached end-of-life on June 30, 2020, and October 31, 2019, respectively. Content updates will remain available for download but support will not be provided for content related issues on PAN-OS 7.1 and PAN-OS 8.0.

Action Required: To continue receiving content updates for WildFire, Antivirus, or Applications and Threats beyond June 30, 2021, you must upgrade impacted firewalls and Panorama appliances to PAN-OS 8.1 or a later release by June 30, 2021. To continue receiving support, you must upgrade impacted firewalls and Panorama appliances to PAN-OS 8.1 or a later release.
As always, Palo Alto Networks recommends that you follow Best Practices for upgrading appliances to the latest version of applications and threats content updates according  to your network environment and that you review your policies  to ensure you have configured the appropriate actions for all Security policy rules.