Video Screencast Help

Error

Created: 16 Feb 2013 • Updated: 23 Feb 2013 | 6 comments
This issue has been solved. See solution.

Hello,

 

Means this Error "[SID 25821] web attack facebook fake survey 3 detected"

Comments 6 CommentsJump to latest comment

Kirankumar's picture

I will check attach URL and update you.

.Brian's picture

It means your IPS has blocked an attack attempt. It should be doing its job. If you open your security log, more info will be there

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Mithun Sanghavi's picture

Hello,

Web Attack: Facebook Fake Survey 3 exploits Microsoft Internet Explorer CVE-2012-1876 Col Element Remote Code Execution Vulnerability

http://www.securityfocus.com/bid/53848/info

I would recommend you to -

1) Make sure ALL Computers are installed with Symantec EP with latest / updated with virus defintions.

2) Install ALL Latest Microsoft Secuirty Patches / Sevice Packs on ALL machines.

3) Make sure ALL the client machines are using the Latest Vendor Patches installed.

If the IPS signture indicates that the malicious traffic was safely blocked and your computers are fully patched, then you should be OK.  Definitely do keep your defences up and stay aware.  Social networking is great, but as with most things there are scams and dangers.  Her is some good reading from Symantec and Facebook security teams:

Social Scams

https://www-secure.symantec.com/connect/blogs/social-scams

Phishers' Fake Security App for Facebook

https://www-secure.symantec.com/connect/blogs/phishers-fake-security-app-facebook

Here's a direct link to that whitepaper:

http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/scams_and_spam_to_av

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUTION
SameerU's picture

Hi

Please confirm that systems are patched with required microsoft patches and latest definitions update.

Regards

 

Ajit Jha's picture

Hi Kiran,

Go through the Link below and you will understand what it is and why it is important to be blocked.

http://www.symantec.com/business/support/index?pag...

Regard's

Ajit Jha

Technical Consultant

ASC & STS