PTP Defs to protect against XML Core Services vulnerability?
Created: 29 Jun 2012 | 3 comments
Much is being written about the XML Core Services vulnerability in all flavors of Windows. The Internet Storm Center and Sophos are reporting that this is being actively exploited in the wild. In light of the fact that Microsoft hasn't published a hotfix yet, does Symantec offer PTP definitions to protect against this specific threat with SEP 11 or 12? We're debating on deploying the workaround but it would be great to know that we're already protected!
Discussion Filed Under:
Comments 3 Comments • Jump to latest comment
I Guess Microsoft hasthe FIX for the same
Regard's
Ajit Jha
Technical Consultant
ASC & STS
Microsoft hasn't published a hot fix yet, just a dicey workaround.
There are multiple IPS signatures for this already:
http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=25786
http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=25783
http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=50331
Make sure your NTP definitions are at the latest date.
SEP Knowledge Base
Endpoint SWAT
Would you like to reply?
Login or Register to post your comment.