SonicWall: Y2K22 bug hits Email Security, firewall products

SonicWall has confirmed today that some of its Email Security and firewall products have been hit by the Y2K22 bug, causing message log updates and junk box failures starting with January 1st, 2022.

The company says that email users and administrators will no longer be able to access the junk box or un-junk newly received emails on affected systems.

They will also no longer be able to trace incoming/outgoing emails using the message logs because they’re no longer updated.

On January 2nd, SonicWall deployed updates to North American and European instances of Hosted Email Security, the company’s cloud email security service.

It also released fixes for its on-premises Email Security Appliance (ES 10.0.15) and customers using firewalls with the Anti-Spam Junk Store functionality toggled on (Junk Store 7.6.9).

To upgrade to the latest Junk Store version, admins have to download and deploy the Junk Store 7.6.9 installer “posted under SonicOS 6.5.x firmware in MySonicWall downloads section for TZ, NSA, and SOHO platforms” (SonicOS 7.x is not impacted).

The same bug hit Microsoft and Honda

Even though SonicWall did not explain what is causing the Y2K22 bug in its products, they are not the only company hit by this issue.

Starting with January 1st, Honda and Acura car owners began reporting that their in-car navigation systems’ clocks would automatically get knocked back 20 years, to January 1st, 2002.

The reports say that the Y2K22 bug impacts almost all older car models, including Honda PilotOdysseyCRV, Ridgeline, Odyssey, and Acura MDXRDX, CSX, and TL.

Microsoft was also hit by the same bug, with Microsoft Exchange on-premise servers stopping email delivery starting on January 1st, 2022, due to the Y2K22 bug’s impact on the FIP-FS anti-malware scanning engine, which would crash when scanning messages.

“The version checking performed against the signature file is causing the malware engine to crash, resulting in messages being stuck in transport queues,” Microsoft explained.

Redmond has released a temporary fix on January 5th, requiring further customer action while working on an update that would automatically address the issue on impacted Exchange servers.

Source: www.bleepingcomputer.com