3 Replies Latest reply on Sep 27, 2013 1:16 AM by asabban

    IE Vulnerability


      Can MWG7.x mitigate CVE-2013-3893 (MSHTML Shim Workaround) ?


        • 1. Re: IE Vulnerability

          There is very little in the either the MS article or the CVE that would say what is actually happening to help us with writing any rules for this.  The mitigation steps that MS lists are all pertaining to running a more restricted set of settings in the browser.  From what I can tell though it has something to do with ActiveX.  You can create a rule that would block ActiveX objects, but that I just a guess based on the little info I have seen.

          • 2. Re: IE Vulnerability

            How to block ActiveX in 7.x ?

            I was not found such type (ActiveX) in media type.

            • 3. Re: IE Vulnerability



              in the rule set library that ships with the product there should be a rule set called "HTML Filter". I think it contains rules to block ActiveX. You could use them as a template.