How to find out if certain CVE or KB has signature in FF DB? CVE-2012-1889 KB2719615
-
Monday, June 18, 2012 6:58 PM
Im trying to find out if Forefront has signatures for a new exploit in the wild, Its been reported there is an active exploit for CVE-2012-1889 / KB2719615.
https://isc.sans.edu/diary/CVE-2012-1889+exploit+arrived+to+metasploit/13489
I cant find a serch interface for the FF Sig DB that will allow me to search to see if they have anything for CVE-2012-1889 / KB2719615 yet.
How can I find out this information. IU was able to find the info for our IDS fairly easily. I need this info to assess risk properly.
thanks
++++++++++++++++++++
CVE-2012-1889 / KB2719615 (Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution)
http://technet.microsoft.com/en-us/security/advisory/2719615
All Replies
-
Wednesday, June 20, 2012 2:37 AMModerator
Hi,
Thank you for the post.
You could search malware via Malware Protection Center. The latest definition updated for Exploit:Win32/CVE-2012-1889 version is 1.129.43.0 on Jun 19, 2012. Please read search results listed below:
https://www.microsoft.com/security/portal/Threat/Encyclopedia/Search.aspx?query=%22CVE-2012-1889%22&showall=True&CBF=True&sortby=relevance&sortdir=desc&size=10&page=1
https://www.microsoft.com/security/portal/Definitions/WhatsNew.aspx?Version=1.129.43.0&Release=Released&Package=AMIf there are more inquiries on this issue, please feel free to let us know.
RegardsRick Tan
TechNet Community Support
- Marked As Answer by Rick TanModerator Monday, June 25, 2012 1:34 AM
.png)
