MS06-002 prevention (updated)
As part of there regular patch cycle, Microsoft has release 2 security patches. MS06-002 describes a vulnerability in Embedded Web Fonts. These files can be blocked by your watchguard firewall.
What can you do to protect your network:
1. Go to the 'URL Path' function of your HTTP-Proxy and add '*.eot' as a pattern match with the 'Rule action' set to Deny, Alarm and Log.
UPDATE:
My 'Body Content Types' rule does not work because off a problem with the '?' wildcard. So I removed the rule.
What can you do to protect your network:
1. Go to the 'URL Path' function of your HTTP-Proxy and add '*.eot' as a pattern match with the 'Rule action' set to Deny, Alarm and Log.
UPDATE:
My 'Body Content Types' rule does not work because off a problem with the '?' wildcard. So I removed the rule.
posted by Placebo at 10:21 PM
0 Comments:
Post a Comment
<< Home