Greetings everyone.
We are still getting a lot of questions about Symantec's coverage of the most recent Java 0-Day. I thought I would take a moment to jot down a list of our current coverage for this event, and hopefully save everyone some time and hassle.
Current Coverage:
Not-Coverage
2nd 0-day??
There has been some mention of a second Java 0-day but this seems to be a matter of semantics. The exploit requires both to actually function, so most researchers are considering them a single vulnerabilty. This may change, but its where wer are currently at.
That said, all the coverage information above, still holds true.
http://threatpost.com/en_us/blogs/researchers-identify-second-new-java-bug-082812 http://www.informationweek.com/security/vulnerabilities/java-zero-day-attack-second-bug-found/240006431 Security Response Blogs:
New Java Zero-Day Vulnerability (CVE-2012-4681) Java Zero-Day Used in Targeted Attack Campaign
Thank you for the clarification Brandon !
@ John
Proactive Threat Protection or PTP updates on a non-standard schedule.
You can find the current definitions date for all the technologies here: http://www.symantec.com/security_response/definitions.jsp
This is a good one to bookmark!
Also, please note we had a few issues with the site not reflecting the accurate date for PTP defs last week. You can see my responses to the following post for more info on that: PTP not updating all other definitions are uptodate
Ah ok, yes it seems that I have IPS enabled on all of my SEP clients as at below.
but my servers only got the Virus and Spyware protection :-|
Update [August 30, 2012] -
Java Zero-Day Used in Targeted Attack Campaign
ALSO
Oracle has issued a patch: Java SE 7 Update 7 for CVE-2012-4186. Users are advised to download the latest update.
@Srikanth
Pathing the vulnerable application is ALWAYS to be preffered.
@John
In my post you will find the links to the IPS signatures. Those are deployed through IPS in SEP 12.1. So, yes, you are protected as lonag as you have the IPS component installed.
If not, then why not? :)
Hm... Does SEP v 12.1 can prevent this issue ?
Hi,
As per this post as of now it is not recommended to download and install java?