1 Reply Latest reply on Jan 15, 2010 10:02 AM by Jon Scholten

    Threat detection for MS 979352 - CVE-2010-0249

    jspanitz

      Seems like webwasher continues to get left out of the picture now that McAfee owns it.  McAfee clearly outlines which of their products will get detection - Here http://vil.nai.com/vil/Content/v_vul49625.htm and here http://www.avertlabs.com/research/blog/index.php/2010/01/14/more-details-on-oper ation-aurora/#respond.

       

      Any chance we'll get native protection - Proactive - without having to purchase the optional McAfee AV add-on?

        • 1. Re: Threat detection for MS 979352 - CVE-2010-0249
          Jon Scholten

          Greetings John,

           

          The literature should be updated shortly to include the following info:

           

          McAfee Web Gateway – TrustedSource has coverage for domains and IP addresses that the malware contacts and coverage for associated malware was released January 15 (as BehavesLike.JS.Obfuscated.E“), proactive coverage existed for some components (as „Trojan.Crypt.XDR.Gen“).

           

          McAfee Firewall Enterprise - TrustedSource has coverage for domains and IP addresses

           

          EWS - TrustedSource has coverage for domains and IP addresses

           

          Regarding the Webwasher being left out of the threat reports, we are working to assure that the MWG Anti-Malware engine does get published in the major reports in the future. But typically our Anti-Malware team does address threats on the McAfee Labs blog (formerly Avert Labs).

           

          ~Jon