Video Screencast Help
Give us your opinion and win with Symantec! Please help us by taking this survey to tell us about your experience with Symantec Connect, so that we can continue to grow and improve.  Take the survey.


Created: 12 Nov 2013 • Updated: 12 Nov 2013 | 2 comments
This issue has been solved. See solution.

Hello Folks and good day,

Does Symantec have protection available for CVE-2013-3918, which was just published yesterday by Microsoft and disclosed on Novemeber 8th?

Thanks in advance,

Operating Systems:

Comments 2 CommentsJump to latest comment

Brɨan's picture

Yes, they do. Please see relevant info here:


Intrusion Prevention System (IPS):
Web Attack: Internet Explorer CVE-2013-3918

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Mick2009's picture

You may be interested in this post from Security Response:

Microsoft Patch Tuesday – November 2013

One of the new patches:

MS13-090 Cumulative Security Update of ActiveX Kill Bits (2900986)

InformationCardSigninHelper Vulnerability (CVE-2013-3918) MS Rating: Critical

A remote code execution vulnerability exists in the the InformationCardSigninHelper Class ActiveX control, icardie.dll. An attacker could exploit the vulnerability by constructing a specially crafted webpage. When a user views the webpage, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.

With thanks and best regards,