cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

new Windows exploit , zero-day in the Adobe Type Manager Library (atmfd.dll)

Hello everyone

Is there a way to exclude the new Windows exploit using ENS?

 

Description at zdnet.com

#https://www.zdnet.com/article/microsoft-warns-of-windows-zero-day-exploited-in-the-wild/

 

 

8 Replies
Highlighted

Re: new Windows exploit , zero-day in the Adobe Type Manager Library (atmfd.dll)

Maybe a rule in the access protection module on atmfd.dll would be a possibility, what do you think?

McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 3 of 9

Re: new Windows exploit , zero-day in the Adobe Type Manager Library (atmfd.dll)

Hi @GGsxpUGy5xWec 

Our Exploit Team is currently checking the coverage we can provide with our product suite. I would kindly ask you to raise a Service Request with our Technical Support Team so that you can be informed about the coverage status once it becomes available.

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?
Highlighted

Re: new Windows exploit , zero-day in the Adobe Type Manager Library (atmfd.dll)

Update for those who are interested
I have contacted the support, there is no solution yet, the exploit team is still investigating

Highlighted

Re: new Windows exploit , zero-day in the Adobe Type Manager Library (atmfd.dll)

for the sake of completeness,
from support today there was an extra dat and an expert rule for the exploit protection, I'm going to test this now with some test machines

Highlighted

Re: new Windows exploit , zero-day in the Adobe Type Manager Library (atmfd.dll)

Good afternoon and thank you very much for this info!!

Is the ExtraDat aviable already??

 

If so, where can I download it from?

 

Thanks in advance!

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 7 of 9

Re: new Windows exploit , zero-day in the Adobe Type Manager Library (atmfd.dll)

Hello all.

Based on internal information, Adobe Vulnerability - ADV200006 - EXTRA.DAT and Expert Rule became available to Support.

However, you will have to open SR with Support in order to obtain them.

Also before any extreme measures are taken:

*** ADV200006 | Type 1 Font Parsing Remote Code Execution Vulnerability
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/adv200006

Please Note: The threat is low for those systems running Windows 10 due to mitigations that were put in place with the first version released in 2015.

Please see the mitigation section for details. Microsoft is not aware of any attacks against the Windows 10 platform. The possibility of remote code execution is negligible and elevation of privilege is not possible. We do not recommend that IT administrators running Windows 10 implement the workarounds described below.

 

I hope this helps.


Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
Highlighted

Re: new Windows exploit , zero-day in the Adobe Type Manager Library (atmfd.dll)

thks for Imformation. I already opened an Service Request.

brgds

Highlighted

Re: new Windows exploit , zero-day in the Adobe Type Manager Library (atmfd.dll)

Thank you very much, it was very helpful. A question, what is the name of the exploit prevention firm?

 

Thanks in advance!!

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community