Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

PTP Defs to protect against XML Core Services vulnerability?

Created: 29 Jun 2012 | 3 comments

Much is being written about the XML Core Services vulnerability in all flavors of Windows.  The Internet Storm Center and Sophos are reporting that this is being actively exploited in the wild.  In light of the fact that Microsoft hasn't published a hotfix yet, does Symantec offer PTP definitions to protect against this specific threat with SEP 11 or 12?  We're debating on deploying the workaround but it would be great to know that we're already protected!

Comments 3 CommentsJump to latest comment

Ajit Jha's picture

I Guess Microsoft hasthe FIX for the same

Regard's

Ajit Jha

Technical Consultant

ASC & STS

Bill_K's picture

Microsoft hasn't published a hot fix yet, just a dicey workaround.

.Brian's picture

There are multiple IPS signatures for this already:

http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=25786

http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=25783

http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=50331

Make sure your NTP definitions are at the latest date.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.