Endpoint Protection

 View Only
Back to Library

SEP Custom IPS Policy to block Latest IE 0day attack (AKA Aurora exploit) - CVE-2010-0249 

Jan 22, 2010 02:08 AM

I've built a custom IPS policy to block Aurora exploit and I've used Metasploit's IE_Aurora module to attack my virtual machine and guess what, SEP blocked the attack. Attached you'll have the policy file and a screenshot. Please Import, test and report any problems/comments.

The attached files are:

1. SEP custom IPS policy

2. Metasploit's IE_Aurora exploit VS SEP demo
 

Statistics
0 Favorited
0 Views
2 Files
0 Shares
0 Downloads

Attachment(s)
zip file
Microsoft Security Advisory CVE-2010-0249 - IE 0day.zip   1 KB   1 version
Uploaded - Feb 25, 2020
 
Download

Tags and Keywords

Comments

Mithun Sanghavi
May 31, 2011 06:29 AM

Hello,

Thanks for sharing this information.

Migration User
Jan 26, 2010 09:31 AM

This is great information.. 

Related Entries and Links

No Related Resource entered.