Contains fix for many vulnerabilities on Phaser 6700.
Security Bulletins for Xerox Products
Xerox Security Bulletin XRX16-017 V1.0 (PDF 219.3K)
Cumulative update for Common Criteria Certification . Affected products:
WorkCentre®
3655/3655i, 5845, 5855, 5865/5865i, 5875/5875i, 5890/5890i,
5945/5945i, 5955/5955i, 6655/6655i, 7220/7220i, 7225/7225i, 7830/7830i, 7835/7835i, 7845/7845i, 7855/7855i, 7970/7970i.
Xerox Security Mini Bulletin XRX16V_V1.0 (PDF 186.7K)
General release for WorkCentre 4250, contains fixes for many vulnerabilities.
Xerox Security Mini Bulletin XRX16Z_V1.0 (PDF 183.7K)
General release for WorkCentre 4260, contains fixes for many vulnerabilities.
Xerox Security Mini Bulletin XRX16Y_V1.0 (PDF 183.6K)
Contains fixes for Poodle, CVE-2014-0224 Man in the Middle, and cross site scripting on Phaser 6360.
Xerox Security Mini Bulletin XRX16X_V1.0 (PDF 185.5K)
General release for Phaser 3320, contains fixes for many vulnerabilities.
Xerox Security Bulletin XRX16-015 V1.1 (PDF 161.9K)
Contains fix for many CVEs on FreeFlow Print Server v2.1 Windows v7 Standalone.
Xerox Security Bulletin XRX16-014 V1.1 (PDF 232.8K)
Contains fix for many CVEs on FreeFlow Print Server v2.0 Windows 7 Integrated.
Xerox Security Bulletin XRX16-013 V1.1 (PDF 237.6K)
Contains fix for many CVEs on FreeFlow Print Server v7, v8 and v9 with DVD/USB media delivery.
Xerox Security Bulletin XRX16-016 V1.0 (PDF 222.9K)
Patch that enables FIPS 140-2 certified encryption and hashing for the SNMPv3 protocol. NOTE this patch is for ConnectKey Technology with SIPRNet support only.
Supported products: WC 3655; WC 5845/5855; WC 5865/5875/5890; WC 5945/5955; WC 6655; WC 7220/7225; WC 7830/7835/7845/7855 ; WC 7970
Xerox Security Mini Bulletin XRX16U_V1.0 (PDF 186.9K)
General release for Phaser 3635 MFP, contains fixes for many vulnerabilities.
Xerox Security Mini Bulletin XRX16T_V1.0 (PDF 188.3K)
General release for WorkCentre 3325, contains fixes for many vulnerabilities.
Xerox Security Mini Bulletin XRX16S_V1.0 (PDF 186.7K)
General release for WorkCentre 3315, contains fixes for many vulnerabilities.
Xerox Security Mini Bulletin XRX16R_V1.0 (PDF 111.9K)
Contains fix for CVE-2015-2808 Bar Mitzvah, the RC4 algorithm has been removed.
Xerox Security Mini Bulletin XRX16P_V1.1 (PDF 112.9K)
Includes fix for:
CVE-2015-2808 Bar Mitzvah
ï‚· Muptiple CVEs that were associated with Logjam. The following CVEs are fixed in this release.
ï‚· CVE-2014-8176
ï‚· CVE-2015-1788
ï‚· CVE-2015-1789
ï‚· CVE-2015-1790
ï‚· CVE-2015-1791
ï‚· CVE-2015-1792
on WorkCentre 7525/7530/7535/7545/7556
Xerox Security Mini Bulletin XRX16O_V1.1 (PDF 113.9K)
Contains fix for CVE-2015-2808 Bar Mitzvah (RC4 removed) and CVE-2015-7547 glibc vulnerability on ColorQube 8700/8900 and 9301/9302/9303.
Xerox Security Bulletin XRX16-007 V1.3 (PDF 255K)
Patch fixes an error in authentication using cards could allow unauthorized access to user print jobs. This patch applies to ConnectKey devices.
Xerox Security Bulletin XRX16-012 V1.0 (PDF 254K)
Contains fix for PagePack installation and card authentication issues.
Xerox Security Bulletin XRX16-011 V1.0 (PDF 177.7K)
Contains fix for many CVEs on FreeFlow Print Server v2.0 Windows 7 Integrated.
Xerox Security Bulletin XRX16-010 V1.0 (PDF 162.8K)
Contains fix for many CVEs on FreeFlow Print Server v2.1 Windows v7 Standalone.
Xerox Security Bulletin XRX16-009 V1.0 (PDF 240.2K)
Contains fix for many CVEs on FreeFlow Print Server v7, v8 and v9 with Update Manager network delivery.
Xerox Security Bulletin XRX16-008 V1.0 (PDF 298.2K)
Contains fix for many CVEs on FreeFlow Print Server v7, v8 and v9 with DVD/USB media delivery.
Xerox Security Mini Bulletin XRX16N_V1.0 (PDF 179.7K)
Contains Poodle fix and support for SHA-256 and 2048 bit digital certificates on WorkCentre 7120/7125.
Xerox Security Bulletin XRX16-004 V1.1 (PDF 236.4K)
Contains fixes for many CVE vulnerabilities on Free Flow Print Server for iGen 5.
Xerox Security Mini Bulletin XRX16M_V1.0 (PDF 196K)
This software contains fix for Poodle vulnerability and adds support for SHA-256 hash algorithm and 2048 bit digital certificates on Color 550/560/570.
Xerox Security Bulletin XRX16-006 V1.0 (PDF 165.1K)
New Common Criteria Certified release for WorkCentre 5755 only.
Xerox Security Mini Bulletin XRX16L_V1.0 (PDF 128.8K)
This is valid for the following models: WorkCentre 5845/5855/5865/5875/5890, WorkCentre 5865i/5875i/5890i, WorkCentre 5945/5945i/5955/5955i, WorkCentre 7220/7220i/7225/7225i, WorkCentre 7830/7830i/7835/7835i, WorkCentre 7845/7845i/7855/7855i, WorkCentre 3655/3655i, WorkCentre 6655/6655i, WorkCentre 7970/7970i
Xerox Security Bulletin XRX16-005 V1.0 (PDF 239.3K)
Contains fixes for many CVE vulnerabilities on Free Flow Print Server for C60/70.
Xerox Security Mini Bulletin XRX16K_V1.0 (PDF 115.9K)
Contains fix for Logjam and Bar Mitzvah vulnerabilities.
Xerox Security Mini Bulletin XRX16J_V1.0 (PDF 185.6K)
Contains fix for Logjam and VVxWorks vulnerabilities.
Xerox Security Mini Bulletin XRX16I_V1.0 (PDF 178.1K)
Contains fix for Poodle vulnerability.
Xerox Security Mini Bulletin XRX16H_V1.0 (PDF 239.1K)
Contains fix for Poodle and Freak vulnerabilities.
Xerox Security Mini Bulletin XRX16G_V1.0 (PDF 115.2K)
Contains fix for VxWorks TCP vulnerability
Xerox Security Mini Bulletin XRX16F_V1.0 (PDF 115.8K)
Contains fix for Logjam and VxWorks TCP vulnerabilities.
Xerox Security Mini Bulletin XRX16E_V1.0 (PDF 177.2K)
Contains fix for Poodle vulnerability.
Xerox Security Mini Bulletin XRX16D_V1.0 (PDF 115.4K)
Contains fix for Crime vulnerability.
Xerox Security Mini Bulletin XRX16C_V1.0 (PDF 115.9K)
This software contains fix for Logjam and VxWorks TCP Sequence vulnerabilities on WorkCentre 3550.
Xerox Security Mini Bulletin XRX16B_V1.0 (PDF 122.9K)
This software contains fix for Logjam, Freak and VxWorks TCP Sequence vulnerabilities on Phaser 3320.
Xerox Security Bulletin XRX16-003 V1.0 (PDF 273.6K)
This software contains fixes for many security vulnerabilities.
Note: Bulletin XRX16-002 is for media-based installation by a Xerox Service representative, bulletin XRX16-003 is for using Update Manager by customers internal IM staff or a Xerox Service representative.
Xerox Security Bulletin XRX16-002 V1.0 (PDF 352.4K)
This software contains fixes for many security vulnerabilities.
Note: Bulletin XRX16-002 is for media-based installation by a Xerox Service representative, bulletin XRX16-003 is for using Update Manager by customers internal IM staff or a Xerox Service representative.
Xerox Security Bulletin XRX16-001 V1.0 (PDF 153.2K)
The System Software Version and software patch listed below for the WorkCentre 7535/7556 contain cumulative updates that incorporate security vulnerability fixes up through 05 June 2015 as well as other non-security related defect fixes. This system software release with the software patch are Common Criteria certified.
Xerox Security Mini Bulletin XRX16A_V1.1 (PDF 121.9K)
This software contains fix for VxWorks TCP Sequence vulnerability on WorkCentre 3315.
Xerox Security Mini Bulletin XRX15BA_V1.0 (PDF 123.2K)
This software contains fix for Logjam, Freak and VxWorks TCP Sequence vulnerabilities on WorkCentre 3325. Also adds FIPS compatible SNMPv3.
Xerox Security Mini Bulletin XRX15AZ_V1.0 (PDF 119.3K)
This software contains fix for Logjam and VxWorks TCP Sequence vulnerabilities on Phaser 4600 and 4620.
Xerox Security Mini Bulletin XRX15AY_V1.0 (PDF 119.8K)
This software contains fix for Logjam and VxWorks TCP Sequence vulnerabilities on Phaser 4622. Also adds FIPS compatible SNMPv3.
Xerox Security Mini Bulletin XRX15AX_V1.0 (PDF 196.8K)
This software contains fix for Poodle vulnerability on Xerox Color C60 and C70.
Xerox Security Mini Bulletin XRX15AW_V1.0 (PDF 119.4K)
This software contains fix for Logjam and VxWorks TCP Sequence vulnerabilities on Phaser 3635MFp.
Xerox Security Mini Bulletin XRX15AU (PDF 85.2K)
V1.1
Xerox® Phaser® 6600 / WorkCentre® 6605
Xerox Security Bulletin XRX15-008 V1.0 (PDF 148.7K)
The System Software Version listed below for the WorkCentre 7970 is Common Criteria certified.
Xerox Security Mini Bulletin XRX15AT_V1.0 (PDF 234.2K)
This software contains fix for OpenSSL MiTM (Man in the Middle) Vulnerability (CVE-2014-0224), upgrades to SSL options, and added Cross Frame Scripting protection.