cancel
Showing results for 
Search instead for 
Did you mean: 
apellepa
Level 8

IE Vulnerability

Jump to solution

Can MWG7.x mitigate CVE-2013-3893 (MSHTML Shim Workaround) ?

http://technet.microsoft.com/en-us/security/advisory/2887505

0 Kudos
1 Solution

Accepted Solutions
asabban
Level 17

Re: IE Vulnerability

Jump to solution

Hello,

in the rule set library that ships with the product there should be a rule set called "HTML Filter". I think it contains rules to block ActiveX. You could use them as a template.

Best,

Andre

0 Kudos
3 Replies
andyclements
Level 12

Re: IE Vulnerability

Jump to solution

There is very little in the either the MS article or the CVE that would say what is actually happening to help us with writing any rules for this.  The mitigation steps that MS lists are all pertaining to running a more restricted set of settings in the browser.  From what I can tell though it has something to do with ActiveX.  You can create a rule that would block ActiveX objects, but that I just a guess based on the little info I have seen.

0 Kudos
apellepa
Level 8

Re: IE Vulnerability

Jump to solution

How to block ActiveX in 7.x ?

I was not found such type (ActiveX) in media type.

0 Kudos
asabban
Level 17

Re: IE Vulnerability

Jump to solution

Hello,

in the rule set library that ships with the product there should be a rule set called "HTML Filter". I think it contains rules to block ActiveX. You could use them as a template.

Best,

Andre

0 Kudos