Endpoint Protection

 View Only

  • 1.  [SID: 24125] Web Attack: Malicious Cookie Activity detected

    Posted Dec 12, 2011 07:16 PM

    hi all,

    one of our client workstation had a pop-up stating, "[SID: 24125] Web Attack: Malicious Cookie Activity detected". what does it means? how to solve this one? thank!

     

    Ishmael



  • 2.  RE: [SID: 24125] Web Attack: Malicious Cookie Activity detected

    Broadcom Employee
    Posted Dec 12, 2011 10:13 PM

    thanks to Mithun Sanghavi's comment for similar SID number

    https://www-secure.symantec.com/connect/forums/cookie-activity-detected-sep-client

     

     

    Web Attack: Malicious Cookie Activity

    http://www.symantec.com/business/security_response/attacksignatures/detail.jsp?asid=24125

    Adobe Reader and Acrobat 'newplayer()' JavaScript Method Remote Code Execution Vulnerability

    http://www.securityfocus.com/bid/37331/exploit

     

    Plan of Action:

    1) Please disable all the Adobe Addin from the Browser being used on your Computer

    2) Update all the MS Security Patches on the machine

    3) Update Adobe and all related Softwares on the machine.

    4) Run the Symantec Power Eraser. (business users)
    5) Update your product definitions and perform a full system scan.
    6) Identify suspicious files.
    7) Submit suspicious files to Symantec for analysis.

     



  • 3.  RE: [SID: 24125] Web Attack: Malicious Cookie Activity detected
    Best Answer

    Trusted Advisor
    Posted Dec 13, 2011 04:14 AM

    Hello,

    Thank you pete for suggesting my Advice.

    This has been a Latest Trend after Adobe vulnerability was found.

    I would also suggest a read though the latest Symantec Security Response Blogs' 

    Adobe Reader Zero-day being exploited in the wild

    https://www-secure.symantec.com/connect/blogs/adobe-reader-zero-day-being-exploited-wild

    A New Zero Day PDF Exploit used in a Targeted Attack\
     
     
    Hope that helps!!