The update fixes a buffer overflow in the ppp service which is used for ADSL and L2TP connections. The vulnerability is critical
as it can be exploited before authentication.
Disabling SMB1 protocol
If automatic backups and archiving of logfiles is configured to store the files on a Windows share, the insecure SMB1 protocol
or older has been used. With the update at least SMB 2.1.0 is required (Windows 2008R2, Windows 7 or newer).
For NTLM authentication and network shares all current SMB versions used to be available, however SMB1 was also still allowed.
An attacker could have forced a protocol downgrade to the SMB1 protocol. The minimum protocol version here is now also SMB
Minor bugfixes and improvements