Java Zero-Day Exploit (CVE-2013-0422)
|Article:TECH201601|||||Created: 2013-01-13|||||Updated: 2013-01-18|||||Article URL http://www.symantec.com/docs/TECH201601|
Does Symantec Endpoint Protection protect against the Java Zero-Day Exploit also known as CVE-2013-0422?
In the blog released by Symantec's Security Response team, this exploit is being detected by Symantec Intrusion Prevention.
Symantec has the following IPS signatures in place that specifically protect against the Cool Exploit Kit:
Web Attack: Cool Exploit Kit Website - www.symantec.com/security_response/attacksignatures/detail.jsp
Web Attack: Cool Exploit Kit PDF Download - www.symantec.com/security_response/attacksignatures/detail.jsp
You can find the full Security Response write-up regarding this vulnerability at www.symantec.com/connect/blogs/java-zero-day-dished-cool-exploit-kit and http://www.symantec.com/connect/blogs/additional-protection-recent-java-zero-day.
To ensure you are protected, make sure you have Intrusion Prevention enabled on your client machines. You can find Intrusion Prevention in the Manager console under the Policies button. In the Intrusion Prevention policy, ensure you have the policy enabled, the policy is assigned to the proper client groups and that in the policy settings, both the Enable Network Intrusion Prevention and Enable Browser Intrusion Prevention are checked.
For more information on Intrusion Prevention, visit www.symantec.com/docs/TECH95347
If you have any additional questions, please contact Symantec Technical Support.
Article URL http://www.symantec.com/docs/TECH201601