Where to find what vulnerabilities are detected by Symantec Endpoint Protection (SEP) if exploited

book

Article ID: 181667

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

 

Resolution

The IPS Signatures can be found here:

http://www.symantec.com/security_response/definitions.jsp?inid=us_sr_flyout_updates_virusdef

Click on Network-Based Protection – Release history, displays Security updates.

Click on the most recent one: - Security Update 703

 

The first list adds these detections of attacks and second remove the detections

SEP will not cover vulnerabilities if they are not being exploited, so if there is no virus that exploits the software vulnerability, SEP will not have a signature against that.

In the sample above you can see that two viruses (Web Attack: Malicious File Download - Web Attack: Malicious Exploit Kit Website) exploit the same vulnerability with

Bugtraq ID:

37331

 

Click on the ID hyperlink it redirects to http://www.securityfocus.com:

Adobe Reader and Acrobat 'newplayer()' JavaScript Method Remote Code Execution Vulnerability

That seems to be the only way to check if those vulnerabilities are exploited and detected by SEP or not.

Attachments