Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
547 Views 3 Replies Latest reply: Jul 12, 2013 11:21 AM by gene33 RSS
gene33 Newcomer 35 posts since
Jun 15, 2012
Currently Being Moderated

Jul 11, 2013 10:10 AM

New UDS signature not working (7/11/2013)

UDS-HTTP: MS IE CBlockElement bdo element tag Use After Free Vulnerability I

Released 7/11/2013  (KB55447)


I tried to import this signature but receive the error message:  "Unable to write User-Defined Signatures to the database."




When I open the signature after import it does say it needs a protection category and matching software criteria.

I tried to give it protection category "Client Protection / Web Browser" and software protocol http, but it still won't compile.


Anyone had any success with this?




  • gfergus1 McAfee SME 125 posts since
    Nov 4, 2009
    Currently Being Moderated
    1. Jul 11, 2013 10:39 AM (in response to gene33)
    Re: New UDS signature not working (7/11/2013)

    What verson are you using?  I just tried on 7.5 and 6.1 in my lab and both took the new UDS fine.


    Do you have any custom protocol definitions within the custom attack editor?


    Was the error when you saved the custom attacks?



    If you haven't already I recommend opening a support ticket as they can help review the logs which should give an indication why you are having an error.


    It may be worth checking the RTTA to ensure you can view new alerts correctly just to check the database health.  dbtuning is always a good idea also.

  • dt1 Newcomer 12 posts since
    Apr 17, 2013
    Currently Being Moderated
    2. Jul 12, 2013 10:59 AM (in response to gene33)
    Re: New UDS signature not working (7/11/2013)

    I was able to import this UDS successfully.  I am running NSM


    Not sure if you're doing this or not, but you have to unzip the original downloaded UDS file and import the zip file named ""

More Like This

  • Retrieving data ...

Bookmarked By (0)


  • Correct Answers - 5 points
  • Helpful Answers - 3 points