Is there a way to exclude the new Windows exploit using ENS?
Description at zdnet.com
Our Exploit Team is currently checking the coverage we can provide with our product suite. I would kindly ask you to raise a Service Request with our Technical Support Team so that you can be informed about the coverage status once it becomes available.
for the sake of completeness,
from support today there was an extra dat and an expert rule for the exploit protection, I'm going to test this now with some test machines
Good afternoon and thank you very much for this info!!
Is the ExtraDat aviable already??
If so, where can I download it from?
Thanks in advance!
Based on internal information, Adobe Vulnerability - ADV200006 - EXTRA.DAT and Expert Rule became available to Support.
However, you will have to open SR with Support in order to obtain them.
Also before any extreme measures are taken:
*** ADV200006 | Type 1 Font Parsing Remote Code Execution Vulnerability
Please Note: The threat is low for those systems running Windows 10 due to mitigations that were put in place with the first version released in 2015.
Please see the mitigation section for details. Microsoft is not aware of any attacks against the Windows 10 platform. The possibility of remote code execution is negligible and elevation of privilege is not possible. We do not recommend that IT administrators running Windows 10 implement the workarounds described below.
I hope this helps.
I'm not sure with which info i could help you, i got an expert rule for the zero day in Adobe Type Manager Library (atmfd.dll) and an extra dat