[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ISSForum] G100 and Zero-Day Word Vulnerability



Ok, here is my issue.  We are trying to block the Microsoft word "Office" vulnerability with our G100.  ISS sent out an update on 2/16 that should stop this Vulnerability from entering out network.  The signatures are as follows:
 
CompoundFile_Office_Document_CodeExec
CompoundFile_Word_Code_Exec
 
I have these both enabled on the G100 and set to block.  I have gone out and found the vulnerability on the web and did some penetration testing myself.  However, in my testing I could not get those to signatures to fire.  Has anyone tested for this vulnerability and had the signatures fire off correctly??  If so,  I need to find out what I'm doing wrong.

Matt

 

CONFIDENTIALITY NOTICE:
This email message, including any attachments, is for the designated
recipients(s) only and may contain confidential and privileged information.
Any unauthorized review, use, disclosure, copying, distribution or the
taking of any action because of this information is prohibited.
If you have received it in error, please notify the sender immediately
and delete the original.
_______________________________________________
ISSForum mailing list
ISSForum@xxxxxxxxxxxxxxxx

TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum

To contact the ISSForum Moderator, send email to mod-issforum@xxxxxxx

The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.