Video Screencast Help
Search Video Help Close Back
to help
New in the Rewards Catalog: Vouchers for "Symantec Technical Specialist" and "Symantec Certified Specialist" exams.

New Exploit: Critical JavaScript vulnerability in Firefox 3.5

Updated: 21 May 2010 | 5 comments
Abhishek Pradhan's picture
+1 1 Vote
Login to vote
This issue has been solved. See solution.

Anyone in Symantec want to throw any light on this? Has this issue been addressed in any of the latest RR's, or any new IPS Signatures?

http://blog.mozilla.com/security/2009/07/14/critical-javascript-vulnerability-in-firefox-35/

Comments

Thomas K's picture
15
Jul
2009
0 Votes 0
Login to vote

I am looking into this with

I am looking into this with our engineers. I will update here when i have information.

Thomas

Thomas K's picture
16
Jul
2009
1 Vote +1
Login to vote

We have an IPS signature in

We have an IPS signature in the pipeline, and an AV sig in the field already.

Abhishek Pradhan's picture
18
Jul
2009
1 Vote +1
Login to vote

Ok. Just checked this out.

Ok. Just checked this out. It's been addressed in the latest IPS siggys released on the 15th of July. :)

I was more seo concerned with the IPS signatures and not AV, as the AV component cannot detect an RPC attack / remote exploit over RPC.

This has been addressed.

Thanks Thomas & Delifeath for your inputs.

Abhishek Pradhan, PMP, MCT
Consultant | Microsoft Corp.
Blog: http://blog.abhishekpradhan.net | SIG Lead - Pune IT Pro (Microsoft Pune User Group) | http://www.puneusergroup.org

delifeath's picture
20
Jul
2009
0 Votes 0
Login to vote

Where can we check to see

Where can we check to see what is updated in the IPS signatures as opposed to AV?  Thank you.