Contains fix for Poodle and Freak vulnerabilities.
Security Bulletins for Xerox Products
Xerox Security Mini Bulletin XRX16G_V1.0 (PDF 115.2K)
Contains fix for VxWorks TCP vulnerability
Xerox Security Mini Bulletin XRX16F_V1.0 (PDF 115.8K)
Contains fix for Logjam and VxWorks TCP vulnerabilities.
Xerox Security Mini Bulletin XRX16E_V1.0 (PDF 177.2K)
Contains fix for Poodle vulnerability.
Xerox Security Mini Bulletin XRX16D_V1.0 (PDF 115.4K)
Contains fix for Crime vulnerability.
Xerox Security Mini Bulletin XRX16C_V1.0 (PDF 115.9K)
This software contains fix for Logjam and VxWorks TCP Sequence vulnerabilities on WorkCentre 3550.
Xerox Security Mini Bulletin XRX16B_V1.0 (PDF 122.9K)
This software contains fix for Logjam, Freak and VxWorks TCP Sequence vulnerabilities on Phaser 3320.
Xerox Security Bulletin XRX16-003 V1.0 (PDF 273.6K)
This software contains fixes for many security vulnerabilities.
Note: Bulletin XRX16-002 is for media-based installation by a Xerox Service representative, bulletin XRX16-003 is for using Update Manager by customers internal IM staff or a Xerox Service representative.
Xerox Security Bulletin XRX16-002 V1.0 (PDF 352.4K)
This software contains fixes for many security vulnerabilities.
Note: Bulletin XRX16-002 is for media-based installation by a Xerox Service representative, bulletin XRX16-003 is for using Update Manager by customers internal IM staff or a Xerox Service representative.
Xerox Security Bulletin XRX16-001 V1.0 (PDF 153.2K)
The System Software Version and software patch listed below for the WorkCentre 7535/7556 contain cumulative updates that incorporate security vulnerability fixes up through 05 June 2015 as well as other non-security related defect fixes. This system software release with the software patch are Common Criteria certified.
Xerox Security Mini Bulletin XRX16A_V1.1 (PDF 121.9K)
This software contains fix for VxWorks TCP Sequence vulnerability on WorkCentre 3315.
Xerox Security Mini Bulletin XRX15BA_V1.0 (PDF 123.2K)
This software contains fix for Logjam, Freak and VxWorks TCP Sequence vulnerabilities on WorkCentre 3325. Also adds FIPS compatible SNMPv3.
Xerox Security Mini Bulletin XRX15AZ_V1.0 (PDF 119.3K)
This software contains fix for Logjam and VxWorks TCP Sequence vulnerabilities on Phaser 4600 and 4620.
Xerox Security Mini Bulletin XRX15AY_V1.0 (PDF 119.8K)
This software contains fix for Logjam and VxWorks TCP Sequence vulnerabilities on Phaser 4622. Also adds FIPS compatible SNMPv3.
Xerox Security Mini Bulletin XRX15AX_V1.0 (PDF 196.8K)
This software contains fix for Poodle vulnerability on Xerox Color C60 and C70.
Xerox Security Mini Bulletin XRX15AW_V1.0 (PDF 119.4K)
This software contains fix for Logjam and VxWorks TCP Sequence vulnerabilities on Phaser 3635MFp.
Xerox Security Mini Bulletin XRX15AU (PDF 85.2K)
V1.1
Xerox® Phaser® 6600 / WorkCentre® 6605
Xerox Security Bulletin XRX15-008 V1.0 (PDF 148.7K)
The System Software Version listed below for the WorkCentre 7970 is Common Criteria certified.
Xerox Security Mini Bulletin XRX15AT_V1.0 (PDF 234.2K)
This software contains fix for OpenSSL MiTM (Man in the Middle) Vulnerability (CVE-2014-0224), upgrades to SSL options, and added Cross Frame Scripting protection.
Xerox Security Mini Bulletin XRX15AV_V1.0 (PDF 122.4K)
This software contains fix for Logjam and VxWorks TCP Sequence vulnerabilities on WorkCentre 4260 and 4265.
WorkCenter 4265 release also contains fix for Freak vulnerability.
Xerox Security Mini Bulletin XRX15AS_V1.0 (PDF 146.7K)
This software contains fix for Logjam vulnerability for ConnectKey products.
Xerox Security Mini Bulletin XRX15AR_V1.0 (PDF 178.2K)
This software contains fix for Poodle and Logjam vulnerabilities on WorkCentre 4250.
Xerox Security Mini Bulletin XRX15AQ_V1.0 (PDF 178.5K)
This software contains fix for Poodle vulnerability on Phaser 6500 and WorkCentre 6505.
Xerox Security Mini Bulletin XRX15AP_V1.0 (PDF 283.3K)
This software contains fix for Freak vulnerability on WorkCentre 6400.
Xerox Security Mini Bulletin XRX15AO_V1.1 (PDF 210.5K)
This software release fixes many minor security issues on ColorQube 8570/8870 including Poodle, OpenSSL MitM and Heartbleed.
Xerox Security Mini Bulletin XRX15R_V1.0 (PDF 115.2K)
This software release contains fix for Freak and Ghost vulnerabilities on WorkCentre 77xx products.
Xerox Security Bulletin XRX15-007 V1.0 (PDF 301.3K)
Software upgrade patch for Free Flow Print Server fixes numerous security CVEs. Java 6 Update 101 Software is included in this release.
This covers Update Manager delivery of the patch.
Xerox Security Bulletin XRX15-006 V1.0 (PDF 220.9K)
Software upgrade patch for Free Flow Print Server fixes numerous security CVEs. Java 6 Update 101 Software is included in this release.
This covers media delivery of the patch.
Xerox Security Mini Bulletin XRX15AN_V1.0 (PDF 183.6K)
This software release contains fix for Poodle vulnerability on Phaser 6020 and 6022 and WorkCentre 6025 and 6027.
Xerox Security Mini Bulletin XRX15AM_V1.0 (PDF 210.3K)
This software release contains fix for Poodle and Freak vulnerabilities on Phaser 3052/3260 and 3020 and WorkCentre 3215/3225 and 3025BI and3025NI.
Xerox Security Mini Bulletin XRX15AL_V1.0 (PDF 165.5K)
This software release contains fix for Poodle vulnerability on Phaser 3610 and WorkCentre 3615.
Xerox Security Mini Bulletin XRX15AK_V1.0 (PDF 227.1K)
This bulletin and the software upgrade for the Phaser 3635MFP, fix the OpenSSL Poodle and Freak vulnerabilities.
Xerox Security Mini Bulletin XRX15AJ_V1.0 (PDF 194.7K)
Includes fix for Poodle and the FREAK OpenSSL vulnerabilities.
Xerox Security Mini Bulletin XRX15AI_V1.0 (PDF 200.2K)
Includes fix for Poodle vulnerability.
Xerox Security Mini Bulletin XRX15AH_V1.0 (PDF 203.2K)
Includes fixes for Freak and Poodle vulnerabilities.
Xerox Security Mini Bulletin XRX15AG_V1.0 (PDF 183.1K)
Includes fix for OpenSSL MitM (Man in the Middle) vulnerability.
Xerox Security Mini Bulletin XRX15AF_V1.0 (PDF 198.4K)
Includes fixes for Freak and Poodle vulnerabilities.
Xerox Security Mini Bulletin XRX15AE_V1.1 (PDF 179K)
NOTE: Correction has been made in naming convention. Technical contents has not changed nor the software. Use this version instead of XRX15AE_V1.0
This includes fix for POODLE vulnerability.
Xerox Security Mini Bulletin XRX15AD_V1.0a (PDF 158.5K)
Includes fixes for Freak, OpenSSL MiTM, Ghost and Poodle vulnerabilities.
Xerox Security Mini Bulletin XRX15AC_V1.0 (PDF 130.2K)
Xerox Security Mini Bulletin XRX15AB_V1.0 (PDF 175K)
Xerox Security Mini Bulletin XRX15AA_V1.0 (PDF 220.3K)
Xerox Security Mini Bulletin XRX15Z_V1.1 (PDF 170.6K)
Updated to clarify model designation.
Xerox Security Mini Bulletin XRX15V_V1.1 (PDF 218.8K)
NOTE: This document has had a new version created to remove an error in the vulnerabilities the software update corrects.
This software update does not correct the FREAK/LogJam vulnerabilities.
Xerox Security Mini Bulletin XRX15Y_V1.0 (PDF 219.3K)
Xerox Security Mini Bulletin XRX15X_V1.0 (PDF 218.4K)
Xerox Security Mini Bulletin XRX15W_V1.0 (PDF 218.9K)
Xerox Security Mini Bulletin XRX15U_V1.0 (PDF 193.3K)
Xerox Security Bulletin XRX15-005 V1.0 (PDF 140.7K)
Cumulative update for Common Criteria Certification
v1.0
06/11/15
Background
The System Software Version for the WorkCentre 4265 contains cumulative updates that incorporate security vulnerability fixes up through 30 September 2014 as well as other non-security related defect fixes. This release is Common Criteria certified.
The system software release for the product listed below is designed to be installed by the customer. Please follow the procedures contained in the bulletin to install the solution. The system software version is a full system release so the patch criticality rating is not applicable.
Xerox Security Bulletin XRX15-003 V1.1 (PDF 146K)
Cumulative update for Common Criteria Certification
v1.0
06/09/15
NOTE: This file was updated to correct a software version.
Background
The System Software Versions for the WorkCentre 3655 and WorkCentre 6655 are cumulative updates that incorporate security vulnerability fixes up through 28 January 2015 as well as other non-security related defect fixes. These releases are Common Criteria certified.
The system software releases for the products listed below are designed to be installed by the customer. Please follow the procedures contained in the bulletin to install the solution. The system software versions are full system releases so the patch criticality rating is not applicable.
These software releases are compressed into zip files and can be accessed via the links below or via the links on the Xerox Security Site.