CVE-2010-2883 and Forefront TMG 2010’s Malware Inspection

by adrian 10. September 2010 21:25

In case you’ve miss it, MS pushed an antivirus signature to detect malicious PDFs attempting to exploit CVE-2010-2883(0-day in Adobe PDF Reader/Acrobat) on 08.10.2010, so you can attempt to block potentially such malicious files at the gateway level with TMG.
The signature is detailed on the MPC Encyclopedia.

Additionally, you can have TMG to block HTTP responses containing PDF files(assuming they are not zipped or so), and you can combine this with the URL filtering if you want to be able to whitelist/blacklist some destinations.

Tags:

Forefront TMG

Comments are closed

Home | Hire me

Support this blog

Adds

Book Shelf

 

Month List