Xerox Security Bulletin XRX16-003 V1.0 (PDF 273.6K)

This software contains fixes for many security vulnerabilities.

Note: Bulletin XRX16-002 is for media-based installation by a Xerox Service representative, bulletin XRX16-003 is for using Update Manager by customers internal IM staff or a Xerox Service representative.

Xerox Security Bulletin XRX16-002 V1.0 (PDF 352.4K)

This software contains fixes for many security vulnerabilities.

Note: Bulletin XRX16-002 is for media-based installation by a Xerox Service representative, bulletin XRX16-003 is for using Update Manager by customers internal IM staff or a Xerox Service representative.

Xerox Security Bulletin XRX16-001 V1.0 (PDF 153.2K)

The System Software Version and software patch listed below for the WorkCentre 7535/7556 contain cumulative updates that incorporate security vulnerability fixes up through 05 June 2015 as well as other non-security related defect fixes. This system software release with the software patch are Common Criteria certified.

Xerox Security Mini Bulletin XRX15BA_V1.0 (PDF 123.2K)

This software contains fix for Logjam, Freak and VxWorks TCP Sequence vulnerabilities on WorkCentre 3325. Also adds FIPS compatible SNMPv3.

Xerox Security Mini Bulletin XRX15AT_V1.0 (PDF 234.2K)

This software contains fix for OpenSSL MiTM (Man in the Middle) Vulnerability (CVE-2014-0224), upgrades to SSL options, and added Cross Frame Scripting protection.

Xerox Security Mini Bulletin XRX15AV_V1.0 (PDF 122.4K)

This software contains fix for Logjam and VxWorks TCP Sequence vulnerabilities on WorkCentre 4260 and 4265.

WorkCenter 4265 release also contains fix for Freak vulnerability.

Xerox Security Bulletin XRX15-007 V1.0 (PDF 301.3K)

Software upgrade patch for Free Flow Print Server fixes numerous security CVEs. Java 6 Update 101 Software is included in this release.

This covers Update Manager delivery of the patch.

Xerox Security Bulletin XRX15-006 V1.0 (PDF 220.9K)

Software upgrade patch for Free Flow Print Server fixes numerous security CVEs. Java 6 Update 101 Software is included in this release.

This covers media delivery of the patch.

Xerox Security Mini Bulletin XRX15AM_V1.0 (PDF 210.3K)

This software release contains fix for Poodle and Freak vulnerabilities on Phaser 3052/3260 and 3020 and WorkCentre 3215/3225 and 3025BI and3025NI.

Xerox Security Mini Bulletin XRX15AE_V1.1 (PDF 179K)

NOTE: Correction has been made in naming convention. Technical contents has not changed nor the software. Use this version instead of XRX15AE_V1.0

This includes fix for POODLE vulnerability.

Xerox Security Mini Bulletin XRX15V_V1.1 (PDF 218.8K)

NOTE: This document has had a new version created to remove an error in the vulnerabilities the software update corrects.

This software update does not correct the FREAK/LogJam vulnerabilities.

Xerox Security Bulletin XRX15-005 V1.0 (PDF 140.7K)

Cumulative update for Common Criteria Certification
v1.0
06/11/15

Background
The System Software Version for the WorkCentre 4265 contains cumulative updates that incorporate security vulnerability fixes up through 30 September 2014 as well as other non-security related defect fixes. This release is Common Criteria certified.

The system software release for the product listed below is designed to be installed by the customer. Please follow the procedures contained in the bulletin to install the solution. The system software version is a full system release so the patch criticality rating is not applicable.

Xerox Security Bulletin XRX15-003 V1.1 (PDF 146K)

Cumulative update for Common Criteria Certification
v1.0
06/09/15

NOTE: This file was updated to correct a software version.

Background
The System Software Versions for the WorkCentre 3655 and WorkCentre 6655 are cumulative updates that incorporate security vulnerability fixes up through 28 January 2015 as well as other non-security related defect fixes. These releases are Common Criteria certified.

The system software releases for the products listed below are designed to be installed by the customer. Please follow the procedures contained in the bulletin to install the solution. The system software versions are full system releases so the patch criticality rating is not applicable.

These software releases are compressed into zip files and can be accessed via the links below or via the links on the Xerox Security Site.