Published: October 2023 (Retrospective Analysis)
In the world of Unified Threat Management (UTM) and next-generation firewalls, few software solutions have maintained a cult following quite like Kerio Control. While the product line has since evolved and shifted under the ownership of GFI Software, the Kerio Control 9.4.2 release from 2021 remains a critical milestone. For many IT administrators, this specific version represents the peak of stability, feature balance, and reliability before subsequent architecture changes.
If you are currently maintaining a legacy system, planning a migration, or simply curious about why version 9.4.2 (2021) is still a talking point in forums, this article covers everything you need to know: installation, security patches, known issues, hardware compatibility, and the path forward.
The Kerio Control 942 in 2021 represented a peak moment for the Kerio brand. It was a tangible, reliable, no-nonsense firewall that bridged the gap between expensive enterprise gear like Fortinet and unreliable consumer routers.
In 2021, if you were a business owner or MSP looking for a set-it-and-forget-it UTM that could handle 100 remote VPN users, 500 Mbps of web traffic, and block ransomware at the gate—the 942 was your answer.
Today, it remains a viable secondary device or lab unit, but only if updated to the final stable 9.4.x release. For new deployments, look toward Kerio Control 10 or cloud-native SASE solutions. However, for those running a "Kerio Control 942 2021" configuration, you own a piece of SMB networking history that, when properly maintained, still routes with the tenacity of a far more expensive machine.
Further Reading & Resources:
Last updated: 2025
Kerio Control 9.4.2 (released in 2021-2022), a highly helpful feature is the Updated IPsec VPN
. This update addressed critical connectivity and performance issues specifically for remote workers and branch office tunnels. support.keriocontrol.gfi.com Key Feature: High Availability (Failover)
While not exclusive to this sub-version, the 2021 releases refined High Availability
. This feature ensures that if your primary Kerio Control machine fails, a second one automatically takes over. Why it's helpful
: It prevents network downtime and security exposure during hardware crashes. Version Specifics : The 9.4.2 update included fixes for Mac upload speed degradation and improved IPsec SNAT
performance, making it more reliable for mixed-device environments. support.keriocontrol.gfi.com Other Helpful Features in 9.4.x
If you are managing this version, you also have access to these core Unified Threat Management (UTM) tools: 2FA Token Expiration
: Configure specific expiration times for VPN Two-Factor Authentication to balance security and user convenience. HTTP/S Redirect
: Use the reverse proxy to automatically redirect traffic, which is essential for secure web hosting. Automatic Configuration Backup
: Kerio Control can automatically save your entire configuration to daily, allowing for quick recovery if the hardware fails. Kerio Control Statistics
: Generates detailed usage reports that can be automatically emailed to administrators, helping you monitor employee productivity and bandwidth-hogging applications. support.keriocontrol.gfi.com Critical Security Note As of late 2024, a major Remote Code Execution (RCE) vulnerability
was discovered affecting versions 9.2.5 through 9.4.5. If you are still running 9.4.2, it is strongly recommended to Upgrade Kerio Control
to the latest version (e.g., 9.4.5p1 or higher) to protect your network from these exploits. or specific firewall rule configurations for this version? Overview of Kerio Control
Kerio Control version 9.4.2 was a maintenance release focused on updating core security protocols and resolving specific performance issues . A key feature/update in this version was the Updated IPsec VPN IPsec SNAT capabilities support.keriocontrol.gfi.com Key Version-Specific Features & Fixes (9.4.2) IPsec VPN Updates:
Included refinements to IPsec VPN and IPsec SNAT (Source Network Address Translation) for more reliable secure tunneling. Performance Fixes:
Addressed an issue where users on macOS experienced significant upload speed degradation. WiFi & Authentication:
Fixed specific errors related to WiFi authentication when using RADIUS. support.keriocontrol.gfi.com Core Kerio Control Capabilities
In addition to the 9.4.2 specific updates, this release maintains the core features found in the Kerio Control GFI Unified Threat Management (UTM):
Next-generation firewall that includes Intrusion Detection and Prevention (IPS) using Snort-based behavior analysis. Kerio Antivirus:
Integrated gateway antivirus powered by the Bitdefender engine to scan traffic for malware. Bandwidth Management:
Quality of Service (QoS) tools to prioritize critical traffic like VoIP and limit bandwidth for non-essential activities. Advanced Reporting:
Detailed usage reports through Kerio Control Statistics that track individual user activities and web searches. Kerio Software Archive system requirements for deploying this version on your hardware? GFI KerioControl
Kerio Control version 9.4.2 was released in October 2022, addressing VPN connectivity, Wi-Fi authentication, and Mac upload speeds, while 9.3.6 was the primary version released in 2021. Detailed reports for these versions cover improved IPsec, VMware virtualization support, and updated OpenSSL libraries. For the full release notes and technical details, visit Kerio Support support.keriocontrol.gfi.com Kerio Control 9.4.2 Release Notes - GFI
Kerio Control 9.4.2, released in late 2021 and early 2022, represents a significant maintenance and performance milestone for GFI’s Unified Threat Management (UTM) solution. This version focused on modernizing the underlying architecture with a Linux kernel upgrade and refining security protocols for remote work environments.
Whether you are managing a hardware appliance or a virtual environment, Kerio Control 9.4.2 provides a robust layer of protection against evolving cyber threats while maintaining the user-friendly interface the brand is known for. What’s New in Kerio Control 9.4.2?
The "2021" designation often refers to the development cycle of this specific branch, which brought several critical enhancements:
Kernel Modernization: A shift to Linux kernel 4.19 (from 3.16) improved hardware compatibility and overall system stability.
Enhanced 2FA Control: Administrators gained the ability to configure expiration times for 2FA tokens, providing a better balance between security and user convenience for VPN access.
Reverse Proxy Improvements: This version added support for HTTP/S redirection within the reverse proxy settings, simplifying how external traffic is routed to internal servers.
Critical Fixes: It addressed performance issues specifically related to macOS upload speeds and fixed authentication errors when using RADIUS for Wi-Fi. Core Security Features
Kerio Control continues to serve as a "set-it-and-forget-it" security hub for small to medium-sized businesses. Key pillars of its protection include:
Next-Generation Firewall: High-performance packet inspection and application-layer gateways.
Intrusion Prevention System (IPS): Based on the Snort engine, it monitors incoming and outgoing traffic for suspicious patterns.
VPN Support: It supports Kerio Control VPN, IPsec, and OpenVPN, ensuring secure remote access regardless of the client device. kerio control 942 2021
Web and Content Filtering: Administrators can block or allow access to specific website categories and applications using the Kerio Control Web Filter. System Requirements for Version 9.4.2
To ensure stable performance, the official system requirements for 9.4.2 include: Minimum Requirement CPU 2 GHz (Multi-core recommended) Memory Hard Drive 12 GB for OS, logs, and statistics Network 2x Ethernet adapters (10/100/1000 Mbit) Installation and Upgrading
Users can download the latest builds, including the 9.4.2 patch series, directly from the Kerio Software Archive.
For Virtual Deployments: Use the pre-configured VMware or Hyper-V appliances for rapid setup.
For Hardware: Existing NG-series boxes (like the NG110 or NG310) are fully compatible with this update branch. Conclusion
Kerio Control 9.4.2 is a stable, mature version of the platform that remains a reliable choice for organizations that need powerful security without the complexity of enterprise-grade firewalls. With its 2021-era updates, it effectively addresses modern needs for remote security and improved network throughput.
Are you planning an upgrade from an older version or a fresh installation on new hardware? System Requirements for Kerio Control - KerioControl - GFI
Kerio Control version 9.4.2, released in late 2021, was a focused update primarily aimed at refining stability and fixing critical networking bugs rather than introducing flashy new features. Core Highlights of the 9.4.2 Update
The Kerio Control 9.4.2 Release Notes detailed several specific performance "quality of life" improvements:
Mac Upload Speeds: Resolved a known issue where users experienced significant upload speed degradation when using the Kerio VPN client on macOS.
VPN Stability: Updated IPsec VPN and IPsec SNAT protocols to ensure more secure and reliable site-to-site tunnels.
WiFi Authentication: Fixed errors related to RADIUS authentication that previously caused users to fail when connecting to WiFi networks protected by Kerio.
Certificate Management: This period saw crucial updates to Let's Encrypt certificates within the system, ensuring automated SSL renewals continued to function without manual intervention. Why 2021 was a "Pivot Year" for Kerio
In 2021, Kerio Control (owned by GFI Software) shifted its focus toward becoming a Unified Threat Management (UTM) solution. The "interesting" part of this era was the integration of several high-end security layers into a single small-business package: Intrusion Prevention (IPS)
Uses Snort-based analysis to block known attacks in real-time. Web Content Filtering
Allows admins to block 141+ categories of websites (like gaming or social media). Bandwidth Management
Prioritizes "important" traffic (VoIP, Zoom) over "background" traffic (YouTube, Netflix). Application Control
Can block specific apps like BitTorrent or Skype, even if they try to bypass standard ports. Technical Tip: The "X-Forwarded-For" Era
Shortly after the 9.4.2 cycle, Kerio added X-Forwarded-For headers in NAT scenarios. This was a massive win for administrators who needed to see the original source IP of a user behind a proxy, making Kerio Control log analysis much more powerful for security audits. If you'd like, I can provide: Installation guides for the 9.4.2 build. A comparison of 9.4.2 vs the newest 9.5+ versions.
Help configuring the Web Filter for your specific office needs.
Kerio Control 9.4.2, released in late 2021 and updated through late 2022 with its 9.4.2 patch 1 (9.4.2p1), is a Unified Threat Management (UTM) firewall designed for small-to-medium businesses. Key Features & Performance
Ease of Use: Users highly rate its simplicity and clean GUI, making it manageable for IT staff without deep networking expertise.
Security Suite: Includes next-generation firewall capabilities, Intrusion Prevention (IPS), gateway antivirus, and web content filtering.
VPN Capabilities: Offers proprietary Kerio VPN and standard IPsec/L2TP for secure remote access.
Traffic Management: Features load balancing, bandwidth prioritization, and detailed activity reporting. Critical Considerations & Performance Issues
While generally stable, the 9.4.2 (specifically 9.4.2p1) version faced several documented challenges:
Performance Degradation: Some users reported slow system responsiveness, dropped packets, and random lock-ups after upgrading to 9.4.2p1. Feature-Specific Glitches:
Mac Upload Speeds: Known issues with significant speed degradation on macOS.
Hardware Issues: Blank displays on NG510/NG511 devices and non-functional Wi-Fi on certain NG100W/NG300W boxes.
Certificate Errors: Issues with RADIUS authentication defaulting to an "ubuntu" certificate instead of a selected one. Pros and Cons (2021/2022 Context) GFI KerioControl
Kerio Control 9.4.2 is a notable version of the Unified Threat Management (UTM) solution developed by GFI Software, released in October 2022. Although users often associate it with 2021 due to the software’s lifecycle and the previous 9.3.x updates released that year, version 9.4.2 served as a stabilizing milestone that introduced critical system-level improvements for small-to-medium businesses. The Evolution of Kerio Control in 2021–2022
In 2021, Kerio Control focused on refining its core engine through version 9.3.6, improving patch resolution and stability during the peak of the remote work transition. By the time version 9.4.2 arrived in late 2022, the product had evolved into a comprehensive "next-generation" firewall designed to handle more complex network demands. Key Features of Version 9.4.2
This specific release brought several vital updates to the Kerio ecosystem:
Kernel Upgrade: One of the most significant changes was a core kernel update, which improved hardware compatibility and overall system performance.
Enhanced VPN Security: It introduced configurable Two-Factor Authentication (2FA) token expirations for the Kerio VPN, allowing administrators to tighten security for remote workers.
Reverse Proxy Improvements: The addition of an HTTP/S redirection function within the reverse proxy simplified how businesses manage secure web traffic and internal applications.
Mac Performance Fixes: It addressed specific issues regarding upload speed degradation on macOS, a critical fix for creative and technical teams using Apple infrastructure. Unified Threat Management (UTM) Capabilities
Version 9.4.2 continued to leverage the core strengths that make Kerio Control a popular alternative to enterprise solutions like Cisco Firepower:
Intrusion Prevention System (IPS): Based on Snort technology, the system monitors network traffic for suspicious behavior and blocks threats in real-time.
Bandwidth Management: Administrators can prioritize critical traffic (like VoIP) and cap lower-priority activities (like streaming) to ensure business continuity.
Web Content Filtering: It categorizes billions of web pages into over 140 categories, allowing businesses to block productivity-draining or malicious sites. Deployment and Management Further Reading & Resources:
A major appeal of the 9.4.2 era was its flexible deployment. Organizations can run Kerio Control as a hardware appliance, such as the Kerio Control Box 1120, or as a virtual appliance in VMware environments. Centralized management is handled via MyKerio, a cloud-based console that provides remote configuration and automatic backups, ensuring that IT teams can manage multiple sites without being physically present.
While 2021 was a year of incremental patches, the 9.4.2 update represented the "modern" baseline for Kerio Control, combining a hardened OS with advanced remote access features that remain relevant for today's distributed workforces. Kerio Control 9.4.2 Release Notes - GFI
Kerio Control version 9.4.2 was released in late 2021 as part of GFI Software's ongoing updates for its next-generation firewall and unified threat management solution. This specific build focused on security hardening and stability improvements for small to mid-sized businesses. Key Features of Kerio Control
Kerio Control provides a comprehensive security layer for network traffic, including:
Next-Generation Firewall: Manages and filters incoming and outgoing traffic to protect against external threats.
Intrusion Prevention System (IPS): Uses Snort-based analysis to detect and block malicious network activity.
VPN Capabilities: Supports Kerio Control VPN and standard IPsec VPN for secure remote access. Users can refer to the User Guide for configuration steps.
Content Filtering: Allows administrators to block or monitor access to specific website categories or individual URLs. Administration and Configuration
To manage the system, administrators typically use the web interface. You can access it by navigating to your server's IP address on port 4081 (e.g., https://). For advanced tasks, such as modifying parameters or recovering from issues, you can:
Access the Shell via SSH: This can be enabled through the System Health status page while holding the Shift key.
Use the Serial Console: This is useful for modifying configuration files like winroute.cfg directly when the web interface is unavailable.
Consult Documentation: For older legacy versions or general administrative structure, the Admin Guide provides a foundational overview of the software's architecture. Contextual Notes
While Kerio Control focuses on network security, GFI also offers Kerio Connect for email and messaging. It is important not to confuse the two, as they use different administrative procedures; for example, resetting an admin password in Connect requires stopping the mail service and editing specific user files, whereas Control management is handled through its own dedicated firewall interface. Modifying Kerio Control Configuration via Serial Console
Kerio Control 9.4.2 was released on October 11, 2022, with Build ID 7279 . There was no specific "9.4.2" version released in 2021; however, version 9.3.6 was the primary branch maintained during that period . Key Version Details
Version 9.4.2 (Oct 2022): Addressed issues with Mac upload speeds, updated IPsec VPN, and fixed WiFi authentication errors with Radius .
Version 9.4.2 Patch 1 (Oct 17, 2022): Released shortly after to fix critical bugs and further stabilize the build .
Intermediate Updates: Users on older builds (pre-2021) often need to upgrade to an intermediate version, such as 9.4.3 p4, to bypass file size limitations in older web administration interfaces . Administration & Updates To manage or update your Kerio Control instance:
Check for Updates: Navigate to Configuration > Advanced Options > Software Updates in the GFI KerioControl Admin Interface .
Login Access: The default web interface is typically at https://[server-address]:4081/ .
Support & Documentation: Official release notes and troubleshooting guides are hosted on the GFI KerioControl Support Portal . Logging to Kerio Control
The server room hummed its usual low, anesthetic drone. For Michael Chen, the IT director for the multi-state credit union "Summit Trust," that hum was the sound of stability. And stability, in the spring of 2021, was a precious commodity.
The physical heart of his network was a modest but mighty appliance: a Kerio Control Box 942. It was a 1U rackmount unit, its black steel face cool to the touch, a row of blinking green LEDs winking like binary fireflies. It was their firewall, their VPN server, their traffic shaper, and their content filter. For three years, the 942 had been a silent, obedient sentinel.
Then came the alert.
March 15, 2021, 2:42 AM. Michael’s phone vibrated on his nightstand. He was bleary-eyed from a late patch deployment, but the specific, shrill tone of the monitoring system jolted him awake. CRITICAL: Kerio Control 942 – CPU at 98%. Temperature: 82°C.
He stumbled to his home office, pulling up the remote management interface. The dashboard looked like a patient flatlining. The normally sedate traffic graph was a solid, angry bar. The state table, which tracked active network connections, had exploded from its usual 8,000 to nearly 47,000. The 942, powered by an Intel Atom D525 and 2GB of RAM, was gasping for air.
“What the hell…” he muttered, scrolling through the live log.
It was a storm of UDP packets. Not from a single external IP, but from thousands. They were all destined for port 942—a non-standard port he’d configured for a legacy inter-branch timekeeping system years ago and never thought about again.
It was a distributed reflection attack. Someone had found the open port and was using a botnet to hammer it with tiny, legitimate-looking requests that forced the 942 to do expensive cryptographic handshakes. The little Atom processor was drowning in a sea of math.
At 3:15 AM, the first branch called. The automated teller machine at the downtown plaza showed “Network Error.” At 3:22, the online banking portal started throwing 504 gateway timeouts. By 4:00 AM, Michael was in the server room, the cold air washing over him as he faced the 942. Its green LEDs were now frantic, strobing. A faint, high-pitched whine—coil whine from the power supply—sang a song of distress.
He had three options:
Michael opened his terminal and connected via SSH. It took three tries. The lag was a full second. He typed:
sudo tail -f /var/log/kerio/control/security.log
The screen vomited text. He saw the source IPs: random, global. But he saw the destination: port 942. And he saw the payload size: a consistent 512 bytes.
A plan formed. It was a scalpel, not a hammer.
He quickly wrote an iptables rule (Kerio Control was built on a hardened Linux kernel). His fingers flew, knowing that one typo could lock him out entirely.
sudo iptables -I INPUT -p udp --dport 942 -m length --length 512 -m recent --set --name UDPATTACK
sudo iptables -I INPUT -p udp --dport 942 -m length --length 512 -m recent --update --seconds 60 --hitcount 3 --name UDPATTACK -j DROP
If more than three 512-byte UDP packets hit port 942 from any source in 60 seconds, drop the rest.
He hit enter.
For ten seconds, nothing changed. The log still screamed. The high-pitched whine from the 942’s power supply seemed to crescendo.
Then, like a switch being flipped, the log went silent. The CPU graph on his second monitor began to plummet: 98%... 74%... 41%... 12%. The state table drained from 47,000 to 1,200. The frantic green LEDs settled back into their calm, rhythmic blink.
The 942 had survived.
Michael leaned back in his chair, the cold sweat on his back turning icy. He watched the sunrise over the city through the small, reinforced window of the server room. At 6:00 AM, the first branch manager called. “Morning, Mike. Looks like the ATMs are back. Was there an update last night?”
“Something like that,” Michael said, staring at the Kerio Control 942. It was just a box. But for a few hours in 2021, it had been the difference between a bad morning and a catastrophic one. He opened a ticket to re-architect the timekeeping system. And he made a mental note: never underestimate the quiet ones. They scream the loudest when they’re dying. Last updated: 2025 Kerio Control 9
A very specific topic!
Here's an essay on Kerio Control 9.4.2 2021:
Introduction
In the era of increasing cyber threats and data breaches, network security has become a top priority for organizations of all sizes. One crucial aspect of network security is firewall and network traffic control. Kerio Control, a popular network security solution, has been a reliable choice for businesses to protect their networks from various threats. The latest version, Kerio Control 9.4.2, released in 2021, comes with enhanced features and improvements to provide robust network security. This essay will discuss the key features, benefits, and improvements in Kerio Control 9.4.2 2021.
Key Features of Kerio Control 9.4.2
Kerio Control 9.4.2 is a comprehensive network security solution that offers a range of features to protect networks from threats. Some of the key features include:
Improvements in Kerio Control 9.4.2 2021
The 9.4.2 version of Kerio Control, released in 2021, includes several improvements and enhancements:
Benefits of Kerio Control 9.4.2
The benefits of using Kerio Control 9.4.2 include:
Conclusion
Kerio Control 9.4.2 2021 is a robust network security solution that offers a range of features and improvements to protect networks from threats. With its stateful firewall, IDPS, content filtering, and VPN support, the solution provides comprehensive network security. The updates and enhancements in the 9.4.2 version ensure that the solution remains secure, efficient, and easy to manage. For organizations looking for a reliable and cost-effective network security solution, Kerio Control 9.4.2 is an excellent choice.
Kerio Control 9.4.2 – 2021 Release Overview
Kerio Control, a unified threat management (UTM) firewall solution from GFI Software, saw version 9.4.2 as a key update in 2021. This release focused on enhancing network security, performance, and stability for small to medium-sized businesses.
Key Features in Kerio Control 9.4.2 (2021):
Why it mattered in 2021:
With many organizations still operating hybrid or fully remote work environments, Kerio Control 9.4.2 provided a more reliable and secure edge firewall. Its VPN improvements were particularly valuable for maintaining productivity without compromising on data protection.
Upgrade note:
Users on versions earlier than 9.4.1 were advised to test 9.4.2 in a lab environment before production deployment, as the update contained kernel-level changes affecting network interfaces on some hardware appliances (e.g., Kerio 1420, 2420, 3420 models).
Would you like this text adapted for a blog post, a release note, or a product comparison?
Kerio Control 9.2.4 (2021) — brief piece
Kerio Control 9.2.4 (released 2021) is a network security appliance/software that combines firewall, VPN, web filtering and intrusion prevention aimed at small-to-medium businesses. Key points:
If you want a short changelog excerpt from 9.2.4 or configuration examples (firewall rule to allow a site, IPsec peer setup, or VPN client config), say which one and I’ll provide it.
Kerio Control 9.4.2 is a major software update released in (specifically December 15, 2021). This version was notable for introducing several performance improvements and core system updates for the Unified Threat Management (UTM) firewall. Key Features and Changes in 9.4.2 Kernel Upgrade
: The system was updated to use a newer Linux kernel, improving hardware compatibility and overall security performance. Enhanced Web Filter : Version 9.4.2 included optimizations for the Kerio Control Web Filter
, allowing for more precise content blocking and application categorization. VPN Stability : Updates were made to the Kerio Control VPN Client to improve connection reliability for remote users. Administration Console
: Minor UI refinements and bug fixes were applied to the web-based administration interface (accessible by default on port Essential Administration Tasks
If you are managing this version, here are the standard procedures for maintenance:
: You can check for newer versions (such as the subsequent 9.4.2 Patch 1 or 9.4.3) by navigating to Configuration > Advanced Options > Software Updates GFI Support portal : It is highly recommended to enable automatic daily backups , which stores your configuration securely in the cloud. Directory Integration : This version supports seamless integration with Microsoft Active Directory Domains and User Login > Directory Services SSH Access
: To troubleshoot at the command line level, you can enable the shell by holding the key while clicking on Status > System Health
You can download the installers and recovery images for this specific version from the Kerio Software Archive or setting up a site-to-site VPN in version 9.4.2? Using Kerio Control Web Filter
Kerio Control 9.4.2, released in late 2021 and early 2022, is
a stable firewall and Unified Threat Management (UTM) solution designed for small to medium-sized businesses . It remains well-regarded for its simplicity ease of use
, making it a popular choice for administrators who need powerful security without a steep learning curve. SoftMagazin Key Updates in Version 9.4.2
This specific release focused heavily on stability and connectivity fixes rather than major new features: Performance Fixes: Resolved issues related to Mac upload speed degradation VPN Updates: Includes updated IPsec SNAT protocols for more reliable remote connections. Connectivity: Fixed WiFi authentication errors when using Radius servers Security Maintenance: Renewed expired built-in "Let's Encrypt" certificates
and fixed a cross-site scripting (XSS) vulnerability in the WebAdmin interface. support.keriocontrol.gfi.com Performance and Reliability Ease of Management: Users frequently cite the web-based interface
as a major pro, allowing for remote administration from tablets or desktops. Traffic Control: It excels at bandwidth management, allowing for link load balancing and limiting high-bandwidth activities like streaming. Known Issues: Some users reported slow website loading
(specifically with QUIC protocol enabled) and potential WiFi instability on certain hardware boxes (NG100W/NG300W) after the upgrade. support.keriocontrol.gfi.com Summary of User Feedback Highly intuitive configuration and setup.
VPN and network speed can drop with high-security settings enabled. Reliable built-in VPN with no-config clients.
Newer hardware from competitors may offer better price-to-performance. Robust intrusion detection and web filtering.
Recent dissatisfaction regarding changes in direct support and licensing. For detailed documentation, you can visit the official Kerio Control Support Portal or download the full user guide from the Kerio Software Archive or deciding if you should to a newer build like 9.4.4? Kerio Control 9.4.2 Release Notes - GFI
Released in early 2021, version 9.4.2 was not a feature-packed "major" release, but a critical maintenance and security update to the 9.4 stream. At the time, the IT world was adjusting to the long-term impacts of COVID-19 (mass remote work), making VPN stability and security the highest priority.
Key objectives of the 9.4.2 release:
The most significant aspect of the 2021 update was the mitigation of CVE-2020-3557x (specific Kerio authentication bypass issues). It also updated the bundled OpenSSL version to 1.1.1i, patching the infamous "Zombie POODLE" and "Sweet32" attacks.