Endpoint Protection

 View Only

  • 1.  SEP Proactive Threat Protection - Protect against Apple QuickTime Vulnerability ?

    Posted Apr 19, 2016 11:08 PM
    We have become aware of the following high-profile vulnerability issue with Apple Quicktime on Windows machines
     
     
    We are working on uninstalling QT from our very large fleet of workstations asap but wondering if SEP can protection against this issue in the meantime ?.
     
    I ask because I am aware SEP has sometime previously blocked attempts to exploit vulnerabilities for Windows OS/Apps via a definition update for Proactive Threat Protection ?
     
    It looks like we can apply a policy to prevent the QT .exe from running so we might try that in the meantime.
     
    Thanks.
     


  • 2.  RE: SEP Proactive Threat Protection - Protect against Apple QuickTime Vulnerability ?

    Posted Apr 20, 2016 11:21 AM

    I've not seen any signature cased detection for it.

    Applying an application control policy will work best for this.



  • 3.  RE: SEP Proactive Threat Protection - Protect against Apple QuickTime Vulnerability ?
    Best Answer

    Posted Apr 20, 2016 11:31 AM

    Hi makes,

    Thanks for the query.  At this time there is no specific AV or IPS signatrue against attempted exploit of the QT vulnerabilities. (I am also not aware of any malware that attempts to exploit these in teh wild.)  

    Blocking QT by Software Restriction Policy or ADC policy until it can be uninstalled from Windows machines is the best course of action.

    Hope this helps!  Please do keep this thread up-to-date with your progress, or mark it solved if you have received your answer.

    With thanks and best regards,

    Mick



  • 4.  RE: SEP Proactive Threat Protection - Protect against Apple QuickTime Vulnerability ?

    Posted Apr 25, 2016 07:05 PM

    Hi Guys, thanks for this advice. Much appeciated !.