White Hat Institute

The Y2K22 bug has affected email security and firewall software

Y2K22
Retrieved from itsfoss.com

SonicWall has acknowledged that the Y2K22 bug has affected certain of its email security and firewall solutions, forcing message log updates and junk box problems as of January 1st, 2022. According to the organization, email users and administrators on compromised systems would no longer be able to access the junk box or un-junk recently received messages. Because the message logs are no longer updated, they will no longer be able to track incoming/outgoing emails.

SonicWall’s Hosted Email Security, the company’s cloud email security solution, received improvements on January 2nd in North America and Europe. It furthermore provided updates for its on-premises Email Security Appliance (ES 10.0.15) for clients that have the Anti-Spam Junk Store feature enabled on their firewalls (Junk Store 7.6.9). System administrators should download and deploy the Junk Store 7.6.9 installer “uploaded under SonicOS 6.5.x firmware in MySonicWall downloads area for TZ, NSA, and SOHO platforms” to switch to the latest Junk Store version (SonicOS 7.x is not impacted).

Despite the fact that SonicWall has not stated what is triggering the Y2K22 bug in its devices, they are not the only organization affected. Honda and Acura automobile owners began claiming that the clocks in their in-car navigation systems were automatically set back 20 years, to January 1st, 2002, beginning on January 1st. According to sources, the Y2K22 bug affects nearly all older automobile models, along with the Honda Pilot, Odyssey, CRV, Ridgeline, and Accord, as well as the Acura MDX, RDX, CSX, and TL.

Due to the Y2K22 bug’s influence on the FIP-FS anti-virus scanning system, which would fail when scanning messages, Microsoft Exchange on-premise servers stopped email transmission on January 1st, 2022. “The malware engine crashes due to version validation against the signature file, resulting in messages getting trapped in transport queues,” Microsoft revealed.

On January 5th, Redmond provided a temporary remedy that requires additional client action while they work on an upgrade that will automatically solve the issue on afflicted Exchange servers.