This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
ED
Advisor
‎2018-12-20 12:32 AM

Internet Explorer zero-day security hole

Microsoft released yesterday an emergency (unscheduled) patch to fix a zero-day security hole in Internet Explorer.

https://blogs.technet.microsoft.com/msrc/2018/12/19/december-2018-security-update-release-2/

CVE-2018-8653. 

Checked IPS updates, not yet there. Waiting patiently Smiley Happy 

7 Replies
G_W_Albrecht
MVP Silver
MVP Silver
‎2018-12-20 12:38 AM

Why not fix IE as that patch is available already ? Waiting for CP instead is real loyality but not good when seen from a security standpoint...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
ED
Advisor
‎2018-12-20 12:54 AM
In response to G_W_Albrecht

Because not everyone lives in a perfect world where security updates are rolled out right away and forced to be installed Smiley Happy 

G_W_Albrecht
MVP Silver
MVP Silver
‎2018-12-20 01:00 AM
In response to ED

I do know, this is why i can make my living 😉

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Omer_Shliva
Employee Alumnus
Employee Alumnus
‎2018-12-20 01:02 AM

Hello,

We will release a dedicated IPS protection for this CVE by EOD.

Danny
MVP Platinum
MVP Platinum
‎2018-12-20 01:09 AM
In response to Omer_Shliva

In the meantime everyone who is in urgent need to detect & prevent this can use the Snort rules created by Cisco yesterday and implement it within Check Point as described here.

Dan_Roddy
Collaborator
‎2018-12-20 08:13 AM
In response to Danny

In the past when I had a point IPS product, analysts work on the back channel and I routinely got zeroday filters on the morning of the announcement of the zero-day.  Are Checkpoint security analysts plugged in to the back channel communications like this?

0 Kudos
PhoneBoy
Admin
Admin
‎2018-12-20 06:13 PM
In response to Dan_Roddy

We’re definitely part of the relevant programs with Microsoft and Adobe.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events