Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 15 replies
  • Subscribers 3 subscribers
  • Views 6658 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Java zero day exploit

Alvin
New Java Zero-Day Exploit Shows Multi-Platform Development - The Mac Security Blog

Java zero day vulnerability actively used in targeted attacks | ZDNet

Java zero day allegedly spotted in the wild | ZDNet

Question to get the discussion going on how this UTM can protect us against this attack.

1) How do you know if your Astaro IPS would be protecting you against this?

2) Avira AV?

3) SOPHOS AV?

4) SOPHOS End Point Security and Control.


This thread was automatically locked due to age.
Parents
  • 0
    From my understanding, the Sophos updates are a 'live update' meaning that Sophos has 24/7 updating going on with the signatures for their AV products, which include the Astaro features and Endpoint Protection clients.  So, as soon as they identify it and can apply a signature for it, it will be distributed and you may actually see the version, date, etc. posted.  

    For now, I will just tell Astaro to block all Java.  [:)]

    XG 19.5 GA 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | GB Ethernet x5

  • 0 in reply to Amodin
    From my understanding, the Sophos updates are a 'live update' meaning that Sophos has 24/7 updating going on with the signatures for their AV products, which include the Astaro features and Endpoint Protection clients.  So, as soon as they identify it and can apply a signature for it, it will be distributed and you may actually see the version, date, etc. posted.  

    For now, I will just tell Astaro to block all Java.  [:)]


    ok,
    how can I block all java?

    ralf
  • 0 in reply to rprengel
    The HTTP/S Proxy has an option to remove Java Content in the configuration section.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to BrucekConvergent
    The HTTP/S Proxy has an option to remove Java Content in the configuration section.


    That's a rather large hammer..i think that blocks EVERYTHING and not just java.
    Remove embedded objects (ActiveX/Java/Flash)

    at least in v8.  unfortunately that's the only way to kill java in v8.  I've not tested v9 yet.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

Reply
  • 0 in reply to BrucekConvergent
    The HTTP/S Proxy has an option to remove Java Content in the configuration section.


    That's a rather large hammer..i think that blocks EVERYTHING and not just java.
    Remove embedded objects (ActiveX/Java/Flash)

    at least in v8.  unfortunately that's the only way to kill java in v8.  I've not tested v9 yet.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

Children
Cookie Information Banner