Java Zero-Day Exploit (CVE-2013-0422)

Article:TECH201601  |  Created: 2013-01-13  |  Updated: 2013-01-18  |  Article URL http://www.symantec.com/docs/TECH201601
Article Type
Technical Solution


Issue



 Does Symantec Endpoint Protection protect against the Java Zero-Day Exploit also known as CVE-2013-0422?


Solution



In the blog released by Symantec's Security Response team, this exploit is being detected by Symantec Intrusion Prevention.

Symantec has the following IPS signatures in place that specifically protect against the Cool Exploit Kit:

     Web Attack: Cool Exploit Kit Website - www.symantec.com/security_response/attacksignatures/detail.jsp

     Web Attack: Cool Exploit Kit PDF Download - www.symantec.com/security_response/attacksignatures/detail.jsp

You can find the full Security Response write-up regarding this vulnerability at www.symantec.com/connect/blogs/java-zero-day-dished-cool-exploit-kit and http://www.symantec.com/connect/blogs/additional-protection-recent-java-zero-day.

To ensure you are protected, make sure you have Intrusion Prevention enabled on your client machines. You can find Intrusion Prevention in the Manager console under the Policies button. In the Intrusion Prevention policy, ensure you have the policy enabled, the policy is assigned to the proper client groups and that in the policy settings, both the Enable Network Intrusion Prevention and Enable Browser Intrusion Prevention are checked. 

 For more information on Intrusion Prevention, visit www.symantec.com/docs/TECH95347

 

 

If you have any additional questions, please contact Symantec Technical Support. 

 

 




Article URL http://www.symantec.com/docs/TECH201601


Terms of use for this information are found in Legal Notices