https://community.checkpoint.com/t5/Spark-Firewall-SMB/Preventative-Hotfix-for-CVE-2024-24919-Quantum-Spark-Gateways/m-p/216781#M10746 <P>If the client does not want or is currently unable to switch to two-factor authentication, would this hotfix affect users by preventing them from accessing the VPN using only their password?</P> Thu, 06 Jun 2024 21:59:09 GMT lgarridor 2024-06-06T21:59:09Z https://community.checkpoint.com/t5/Spark-Firewall-SMB/Preventative-Hotfix-for-CVE-2024-24919-Quantum-Spark-Gateways/m-p/216105#M10732 <P>Hi All</P> <P>Please review the following SK for latest firmware's containing a Fix for CVE-2024-24919 and other important measures it is recommended to implement on the GW.</P> <P><A href="https://support.checkpoint.com/results/sk/sk182357" target="_blank">https://support.checkpoint.com/results/sk/sk182357</A></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>Thanks</P> <P>Amir Ayalon</P> <P>&nbsp;</P> Sun, 02 Jun 2024 08:28:43 GMT https://community.checkpoint.com/t5/Spark-Firewall-SMB/Preventative-Hotfix-for-CVE-2024-24919-Quantum-Spark-Gateways/m-p/216105#M10732 Amir_Ayalon 2024-06-02T08:28:43Z https://community.checkpoint.com/t5/Spark-Firewall-SMB/Preventative-Hotfix-for-CVE-2024-24919-Quantum-Spark-Gateways/m-p/216781#M10746 <P>If the client does not want or is currently unable to switch to two-factor authentication, would this hotfix affect users by preventing them from accessing the VPN using only their password?</P> Thu, 06 Jun 2024 21:59:09 GMT https://community.checkpoint.com/t5/Spark-Firewall-SMB/Preventative-Hotfix-for-CVE-2024-24919-Quantum-Spark-Gateways/m-p/216781#M10746 lgarridor 2024-06-06T21:59:09Z https://community.checkpoint.com/t5/Spark-Firewall-SMB/Preventative-Hotfix-for-CVE-2024-24919-Quantum-Spark-Gateways/m-p/216809#M10747 <P>No, the posted hotfix is closing the vulnerability, not preventing users from connecting with password-only authentication.</P> <P>However, it is strongly advisable to reset passwords for such users and to follow all the security measures mentioned in&nbsp;<A href="https://support.checkpoint.com/results/sk/sk182357" target="_blank" rel="noopener noreferrer">https://support.checkpoint.com/results/sk/sk182357</A>&nbsp;and not just apply the fix.</P> Fri, 07 Jun 2024 10:56:04 GMT https://community.checkpoint.com/t5/Spark-Firewall-SMB/Preventative-Hotfix-for-CVE-2024-24919-Quantum-Spark-Gateways/m-p/216809#M10747 _Val_ 2024-06-07T10:56:04Z