cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
epository
Level 10
Report Inappropriate Content
Message 21 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

For those of you keeping score at home....still nothing at Threat Center...but "theyre working on it"..checks in the mail...I love you...what a joke!

Hayton
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 22 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

Released within the past hour - MTIS14-066-G

https://community.mcafee.com/docs/DOC-5897

All it says is "Under analysis"

Edit - There's a blog post as well.

http://blogs.mcafee.com/mcafee-labs/product-coverage-mitigation-cve-2014-1776-microsoft-internet-exp...

Message was edited by: Hayton on 29/04/14 02:40:46 IST
greebs
Level 7
Report Inappropriate Content
Message 23 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

The blog post indicates that:

  • McAfee VirusScan (AV):  The 7423 DATs (release date April 29, 2014) detect known-exploits as “Exploit-CVE2014-1776″

Can we assume that this isn't released yet, and will be released as per normal schedule?

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

I also heard back from my contact at McAfee Labs:

These are 2 documents that were published yesterday on this topic.

http://blogs.mcafee.com/mcafee-labs/product-coverage-mitigation-cve-2014-1776-microsoft-internet-exp...

https://community.mcafee.com/docs/DOC-5897 (McAfee Labs Security Advisory: MTIS14-066)

Customers subscribed to the MTIS Advisories would have got an mail with McAfee Product coverage.

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

greebs wrote:

The blog post indicates that:

  • McAfee VirusScan (AV):  The 7423 DATs (release date April 29, 2014) detect known-exploits as “Exploit-CVE2014-1776″

Can we assume that this isn't released yet, and will be released as per normal schedule?

Yes I would say so.

malware-alerts
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 26 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

@Ex_Brit: don't assume, word from my SAM is that 7423's detection is only valid for Stinger and CLS.

The DAT for VSE with full coverage will be 7428 (May 4th).

Yes you are reading this right, in 5 days

cdobol
Level 10
Report Inappropriate Content
Message 27 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

I heard the same thing... but I also got an extra.dat that apparently provides detection.

malware-alerts wrote:

@Ex_Brit: don't assume, word from my SAM is that 7423's detection is only valid for Stinger and CLS.

The DAT for VSE with full coverage will be 7428 (May 4th).

Yes you are reading this right, in 5 days

malware-alerts
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 28 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

Clearly, McAfee's official communications isn't telling the whole story.

Got the SNS today:

CURRENT McAFEE PRODUCT COVERAGE ANDMITIGATION

  • McAfee VirusScan (AV):  The 7423 DATs (release date April 29, 2014)     detect known-exploits as “Exploit-CVE2014-1776″

Confirmed again with our SAM that the DAT referred to in the SNS is only effective with the standalone tools STINGER and CLS (Command-Line Scanner)

You have to wonder why the official communication isn't putting this in perspective? Trying to hide the fact that VSE coverage will only be available on May 4th?

Message was edited by: malware-alerts on 4/29/14 1:55:40 PM CDT
greebs
Level 7
Report Inappropriate Content
Message 29 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

The blog entry has changed now:

  • McAfee VirusScan (AV):  The 7423 DATs (release date April 29, 2014) provide coverage for perimeter/gateway products and the command-line scanner-based technologies.  Full detection capabilities, across all products, will be released in the 7428 DAT update (release date May 4, 2014).

I'm trying to find out if the extra.dat file I was provided is actually doing anything for Virusscan Enterprise.

zeb
Level 7
Report Inappropriate Content
Message 30 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

Hi guys,

Thank you for discussing this topic, as you said this was the only place to follow the developments step by step _ the blog was insufficient.

Thx to the CAMs and SAMs that did know and share the correct information.

Part 1: it's an IE / MS issue, you should put your money on that

Part 2: the Blog seems to be correct as of today

Part 3: anybody tested the Extra.Dat, no issues, how many nodes ?

Thx again for the good info!

on 4/30/14 5:04:25 AM CDT

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community