topic [Action Required] – Important notification to Customer with Threat Emulation blade enabled – An Upda in Firewall and Security Management https://community.checkpoint.com/t5/Firewall-and-Security-Management/Action-Required-Important-notification-to-Customer-with-Threat/m-p/276607#M105269 <P>Dear valued customer,</P> <P>Following an internal review using newly available AI tools, we have proactively identified a potential risk in your environment related to Threat Emulation.</P> <P>We have already prepared a solution for you - it is imperative that you install it at the soonest possible time.</P> <P>Implementing the solution is a straightforward process that does not require a reboot, restart, or policy install.</P> <P>Be advised that this notification is relevant for customers using Threat Emulation with Gaia versions 80.40, 81, 81.10, 81.20,82, 82.10</P> <P>Proposed Solution- Please follow one of the two options below:</P> <P>Option 1 - Enable Automatic Updates (Recommended):</P> <P>Note: The Security Gateway / Threat Emulation appliance must have an active Internet connection.<BR />Automatic downloads are enabled by default. If they were previously disabled, you must re-enable them using the following steps:<BR />1. Enable the required consent flags:<BR />For Gaia versions R81.20 and higher - You must enable the 'Download Security' consent flag. Refer to sk175504 (See section: 2. Enabling and Disabling the Consent Flags).<BR />For Gaia versions R81.10 and lower: You must enable the 'Allow Download' consent flag. Refer to sk111080 (See section: 4. How consent flags are modified)</P> <P>2. Enable Automatic Updates for Threat Emulation:<BR />Follow the official Administration Guide for your specific Gaia version to enable automatic updates for the Threat Emulation blade:<BR />(Go to 'To enable or disable Automatic Updates for Threat Emulation')<BR />R82.10: Threat Prevention Admin Guide (R82.10)<BR />R82: Threat Prevention Admin Guide (R82)<BR />R81.20: Threat Prevention Admin Guide (R81.20)<BR />R81.10: Threat Prevention Admin Guide (R81.10)<BR />R81: Threat Prevention Admin Guide (R81)<BR />R80.40: Threat Prevention Admin Guide (R80.40)</P> <P>Option 2 - Perform an Offline Update:</P> <P>If your Security Gateway/ Threat Emulation appliance operates in an offline environment or cannot connect to the Internet, you must manually apply the update.<BR />1. Follow the procedure to import and install an offline Threat Emulation update package as described in sk92509.<BR />2. Ensure you download and install engine revision 11.36 Revision 60.990002500 or higher.</P> <P>Verification:<BR />After completing either Option 1 or Option 2, verify that the update was successful.<BR />1. Connect to the command line on your Security Gateway.<BR />2. Log in to Expert mode.<BR />3. Run the following command to check the current engine version: tecli advanced engine version<BR />4. Confirm that the output displays version 60.990002500 or higher.</P> <P><BR />For any further questions, please contact our Technical Support or email us at contact_support@checkpoint.com.</P> <P>Check Point is committed to delivering the highest quality products and services. Thank you for driving this with urgency.</P> <P><BR />Sincerely,</P> Wed, 06 May 2026 18:23:28 GMT RemoteUser 2026-05-06T18:23:28Z [Action Required] – Important notification to Customer with Threat Emulation blade enabled – An Upda https://community.checkpoint.com/t5/Firewall-and-Security-Management/Action-Required-Important-notification-to-Customer-with-Threat/m-p/276607#M105269 <P>Dear valued customer,</P> <P>Following an internal review using newly available AI tools, we have proactively identified a potential risk in your environment related to Threat Emulation.</P> <P>We have already prepared a solution for you - it is imperative that you install it at the soonest possible time.</P> <P>Implementing the solution is a straightforward process that does not require a reboot, restart, or policy install.</P> <P>Be advised that this notification is relevant for customers using Threat Emulation with Gaia versions 80.40, 81, 81.10, 81.20,82, 82.10</P> <P>Proposed Solution- Please follow one of the two options below:</P> <P>Option 1 - Enable Automatic Updates (Recommended):</P> <P>Note: The Security Gateway / Threat Emulation appliance must have an active Internet connection.<BR />Automatic downloads are enabled by default. If they were previously disabled, you must re-enable them using the following steps:<BR />1. Enable the required consent flags:<BR />For Gaia versions R81.20 and higher - You must enable the 'Download Security' consent flag. Refer to sk175504 (See section: 2. Enabling and Disabling the Consent Flags).<BR />For Gaia versions R81.10 and lower: You must enable the 'Allow Download' consent flag. Refer to sk111080 (See section: 4. How consent flags are modified)</P> <P>2. Enable Automatic Updates for Threat Emulation:<BR />Follow the official Administration Guide for your specific Gaia version to enable automatic updates for the Threat Emulation blade:<BR />(Go to 'To enable or disable Automatic Updates for Threat Emulation')<BR />R82.10: Threat Prevention Admin Guide (R82.10)<BR />R82: Threat Prevention Admin Guide (R82)<BR />R81.20: Threat Prevention Admin Guide (R81.20)<BR />R81.10: Threat Prevention Admin Guide (R81.10)<BR />R81: Threat Prevention Admin Guide (R81)<BR />R80.40: Threat Prevention Admin Guide (R80.40)</P> <P>Option 2 - Perform an Offline Update:</P> <P>If your Security Gateway/ Threat Emulation appliance operates in an offline environment or cannot connect to the Internet, you must manually apply the update.<BR />1. Follow the procedure to import and install an offline Threat Emulation update package as described in sk92509.<BR />2. Ensure you download and install engine revision 11.36 Revision 60.990002500 or higher.</P> <P>Verification:<BR />After completing either Option 1 or Option 2, verify that the update was successful.<BR />1. Connect to the command line on your Security Gateway.<BR />2. Log in to Expert mode.<BR />3. Run the following command to check the current engine version: tecli advanced engine version<BR />4. Confirm that the output displays version 60.990002500 or higher.</P> <P><BR />For any further questions, please contact our Technical Support or email us at contact_support@checkpoint.com.</P> <P>Check Point is committed to delivering the highest quality products and services. Thank you for driving this with urgency.</P> <P><BR />Sincerely,</P> Wed, 06 May 2026 18:23:28 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Action-Required-Important-notification-to-Customer-with-Threat/m-p/276607#M105269 RemoteUser 2026-05-06T18:23:28Z Re: [Action Required] – Important notification to Customer with Threat Emulation blade enabled – An https://community.checkpoint.com/t5/Firewall-and-Security-Management/Action-Required-Important-notification-to-Customer-with-Threat/m-p/276631#M105278 <P>Hello, and apologies for what might be a silly question: I’m not entirely sure whether this also affects the use of ThreadCloud. We don’t use local analysis. The Emulation Engine version on the gateway is 59.x.</P><P>Thanks in advance.</P><P>Kind regards</P> Thu, 07 May 2026 10:55:11 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Action-Required-Important-notification-to-Customer-with-Threat/m-p/276631#M105278 sascham 2026-05-07T10:55:11Z