cancel
Showing results for 
Search instead for 
Did you mean: 
oliver.huf
Level 7

Is there a list of known Malware MWG protects us from?

Aloha!

After the massive press announcement of the availability of the mshtml!CDoc:Smiley FrustratedetMouseCapture exploit in Metasploit (see: http://www.heise.de/security/meldung/Exploit-fuer-ungepatchte-Internet-Explorer-Luecke-1970621.html [Website in German]) I am wondering if there's a list of malware exploits the MWG AntiMalware module will "reliably" protect us from?

And yes: I'm aware of code obfuscation and polymorphism in malware.... That's the reason I'm asking for a list of attacks that MWG can avert *reliably* (due to their nature, etc.)

Thanks a bunch!

Oliver.

BTW: We're on 7.3.2.1 still, if that matters...

0 Kudos
1 Reply
Regis
Level 12

Re: Is there a list of known Malware MWG protects us from?

I wouldn't expect such a list to exist since I can't imagine anyone wanting to be curating such a list.   And I don't expect any vendor of a network appliance to want to be in a public facing role of testing every new exploit framework payload with all available evasion techniques tried against an existing product... as it'd be a depressing task.      I have to imagine vendors clueful enough to be doing such self efficacy testing would want to keep that sausage making process behind the factory door.  Going public with the results of such when no other vendors are doing so would just lead to competitive disadvantage. 

That all said though, one of the biggest bangs web gateway can do for ya that doesn't involve anti-malware... if you can get buy in,  block all Java filetypes, extensions, and user agents at the gateway except for a whitelist of sites your business has a legit business need to access java component from.