Java Zero-Day Exploit (CVE-2013-0422)

Article:TECH201601  |  Created: 2013-01-13  |  Updated: 2013-01-18  |  Article URL
Article Type
Technical Solution


 Does Symantec Endpoint Protection protect against the Java Zero-Day Exploit also known as CVE-2013-0422?


In the blog released by Symantec's Security Response team, this exploit is being detected by Symantec Intrusion Prevention.

Symantec has the following IPS signatures in place that specifically protect against the Cool Exploit Kit:

     Web Attack: Cool Exploit Kit Website -

     Web Attack: Cool Exploit Kit PDF Download -

You can find the full Security Response write-up regarding this vulnerability at and

To ensure you are protected, make sure you have Intrusion Prevention enabled on your client machines. You can find Intrusion Prevention in the Manager console under the Policies button. In the Intrusion Prevention policy, ensure you have the policy enabled, the policy is assigned to the proper client groups and that in the policy settings, both the Enable Network Intrusion Prevention and Enable Browser Intrusion Prevention are checked. 

 For more information on Intrusion Prevention, visit



If you have any additional questions, please contact Symantec Technical Support. 



Article URL

Terms of use for this information are found in Legal Notices