cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
epository
Level 10
Report Inappropriate Content
Message 41 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

However..both trandmicro and sophos at least ACKNOWLEDGED the exploit...Mcafee didnt even do that...and should their Recent Malware page be 4 weeks out if date!  Just not a lot for those of us called on the carpet to answer questions from our bosses....

dw98
Level 7
Report Inappropriate Content
Message 42 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

although UDS had already been released for

McAfee Network Security Platform (NIPS): The UDS Release of April 28 contains detection.

  • Attack ID: 0x4512e700

however till now, more than 24 hours, there is no update or respond for my case logged with McAfee support yet.

is there any risk/ impact to enable blocking for

UDS-HTTP: Adobe Flash Player Shader Parsing Buffer Overflow Vulnerability(6.1, 7.x and 8.x)**

UDS-HTTP: Microsoft Internet Explorer CMarkup Object Use-After-Free vulnerability(6.1, 7.x and 8.x)

dw98
Level 7
Report Inappropriate Content
Message 43 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

still no responds from McAfee regarding my case.

any idea is there any risk/ impact to enable blocking for

UDS-HTTP: Adobe Flash Player Shader Parsing Buffer Overflow Vulnerability(6.1, 7.x and 8.x)**

UDS-HTTP: Microsoft Internet Explorer CMarkup Object Use-After-Free vulnerability(6.1, 7.x and 8.x) ?

epository
Level 10
Report Inappropriate Content
Message 44 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

Wish I had known the DAT was only a half-assed solution yesterday when I briefed it in our meeting.

In the meantime, we have created a custom HIPS signature to block access to vgx.dll and we will try scripting somehting across the network to unregister vgx.dll.

I cant believe the way McAfee is dribbling out information on this and it is only half-truths.

Please!!! Mcafee, you obviously have samples of this malware...tell us what we should be looking for in HIPS or NIPS, especially if you are not not even providing factual information for VSE admins.

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

Interesting that DAT 7423 containing Extra.dat threat detection for Exploit-CVE2014-1776 is clearly displayed in VSE 8.8 after applied.  So are the clients protected or not?  or do we really get protection in 7428 on 5/4/2014?

  vse88extradat.jpg

epository
Level 10
Report Inappropriate Content
Message 46 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

Mcafees response to this whole thing has been absolutely horrible and dishonest...the 7423 disclosure which hid the fact that it only worked for stinger and cls...waiting 72 hours before even acknowledging the issue...their unsubstantiated blurb the HIPS sig 428 will stop it....its been really pathetic.

It feels to me like they are making a lot of excusesfor being caught with their pants down while symantec had a signature 4 days ago.  Not very impressive.

So come on Mcafee...answer these questions...show us HIPS stopping it...tell us the truth about the 7423 DAT...give us something to tell our customer!

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

So where can i go / what can i do to test to see if this Extra DAT works?

epository
Level 10
Report Inappropriate Content
Message 48 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

Yet another glaringly obvious question ignored by mcafee...they dont even repond to comments at their security blog...its.so shady.

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

These forums are user-to-user interaction mainly with maybe the odd company person dropping in from time to time, but that all depends on how busy they are.

Slamming McAfee without really knowing what's going on behind the scenes (which is usually confidential so not even we Moderators know) is hardly constructive and probably guesswork I would think when really your IT people should be contacting the support portal for answers..

However, I have messaged someone who will hopefully post in this thread.

Message was edited by: Ex_Brit on 01/05/14 4:50:58 EDT PM

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

Meanwhile make sure you all get the out-of-band emergency update Microsoft issued today mentioned by Hayton earlier.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community