Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
ED
Advisor

Internet Explorer zero-day security hole

Microsoft released yesterday an emergency (unscheduled) patch to fix a zero-day security hole in Internet Explorer.

https://blogs.technet.microsoft.com/msrc/2018/12/19/december-2018-security-update-release-2/

CVE-2018-8653. 

Checked IPS updates, not yet there. Waiting patiently Smiley Happy 

7 Replies
G_W_Albrecht
Legend Legend
Legend

Why not fix IE as that patch is available already ? Waiting for CP instead is real loyality but not good when seen from a security standpoint...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
ED
Advisor

Because not everyone lives in a perfect world where security updates are rolled out right away and forced to be installed Smiley Happy 

G_W_Albrecht
Legend Legend
Legend

I do know, this is why i can make my living 😉

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Omer_Shliva
Employee
Employee

Hello,

We will release a dedicated IPS protection for this CVE by EOD.

Danny
Champion Champion
Champion

In the meantime everyone who is in urgent need to detect & prevent this can use the Snort rules created by Cisco yesterday and implement it within Check Point as described here.

Dan_Roddy
Collaborator

In the past when I had a point IPS product, analysts work on the back channel and I routinely got zeroday filters on the morning of the announcement of the zero-day.  Are Checkpoint security analysts plugged in to the back channel communications like this?

PhoneBoy
Admin
Admin

We’re definitely part of the relevant programs with Microsoft and Adobe.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events