Host IPS 8.0 Signature Coverage for CVE-2014-4114.

Related Microsoft MS14-060 security update.


McAfee has tested the following Host IPS 8.0 custom signature, which can be created to protect against this vulnerability:


Rule {

Class Program

Id 4001

level 4

Executable { Include { -path "*\\POWERPNT.EXE"  } { -path "*\\excel.EXE"  } { -path "*\\winword.EXE"  } }

Target_Executable { Include { -path "*\\InfDefaultInstall.exe" }}

directives program:run



Please copy this custom signature into the Expert IPS SubRule properties syntax when creating a new custom signature for this vulnerability.