MAPP Advisories | Enterasys

COMPANY
About Enterasys »
News & Alerts »
Contact Us »
View All Company
PRODUCTS & SERVICES
Switching & Routing »
Chassis

Enterasys K-Series

Enterasys S-Series

Stackable

Enterasys 7100-Series

Enterasys A-Series

Enterasys B-Series

Enterasys C-Series
Standalone

Enterasys 800-Series

Enterasys D-Series

Enterasys G-Series

Enterasys I-Series

Enterasys S-Series
IdentiFi™ Wireless »

Controllers & Access Points
- Wireless Controllers
- Wireless Access Points
Wireless Tools
- Wireless Tools
Management & Security »
Software Defined Networking (SDN)

OneFabric Connect SDN

Data Center

Data Center Manager

NetSight

Wired/Wireless

NetSight

Wireless Controllers
Access Management and Advanced Security

Mobile IAM (BYOD)

Network Access Control

Enterasys Intrusion Prevention System

Enterasys Security Information and Event Manager
View All Products and Services
SOLUTIONS
By Technology
By Industry
Higher Education

K-12

Healthcare

Hospitality

State & Local Government

Federal Government
View All Solutions
PARTNERS

Find a Partner

Enterasys partners can help you find the right solution for your business – Start here.

Become a Partner

The Advantage Partner Program is unique to the networking industry – Learn more.

Alliance Ecosystem

Together, we bring best-of-breed solutions to customers, making enterprises more competitive through technology and partnership. – Learn more.

Partner Log-in

If you are already a member of the Partner Program access the Enterasys Extranet now for the latest partner resources – Login here.

View All Partners
TRAINING
Training

Robust, flexible training to meet your needs and the needs of your business.
Technology Courses

Designed to get you started managing Enterasys solutions.

View All Technology Courses

Advanced Courses

Designed for system integrators and architects.

View All Advanced Courses
Accelerated Courses

Intensive, multiple technology courses to help you quickly achieve certifications.

View All Accelerated Courses

Certifications

Three Levels of Technical Certifications: Specialist, Expert and Architect.

View All Certifications
View All Training
SUPPORT
Knowledgebase

Our knowledge at your fingertips – search the knowledgebase now!
- Search Knowledgebase
Tools
Product Licensing
Downloads
Contact Support
View All Support

Home > MAPP Advisories

Microsoft Active Protection Program Advisories

The Microsoft Active Protections Program (MAPP) is a program for security software providers that provides Enterasys with security vulnerability information from the Microsoft Security Response Center (MSRC) in advance of Microsoft's monthly security updates. Microsoft may release additional security advisories for vulnerabilities actively being exploited which requires additional protections from Enterasys.

(2847140) Vulnerability in Internet Explorer Could Allow Remote Code Execution

Microsoft has released an advisory (2847140) which addresses a zero-day vulnerability in the Microsoft Internet Explorer. There is currently no patch available for this vulnerability. Microsoft is actively working with MAPP partners to provide protections against attacks exploiting this vulnerability until a patch is ready to be released

The following signature(s) provide protection against this vulnerability:
IE:OBJECT-ACCESS-DELETE
WEB:BASE64-EVAL-SUSPICIOUS
WEB:BASE64-SUSPICIOUS

References:

Microsoft Security Advisory 2847140
CVE-2013-1347

(2794220) Vulnerability in Internet Explorer Could Allow Remote Code Execution

Microsoft has released an advisory (2974220) which addresses a zero-day vulnerability in the Microsoft Internet Explorer. There is currently no patch available for this vulnerability. Microsoft is actively working with MAPP partners to provide protections against attacks exploiting this vulnerability until a patch is ready to be released

The following signature(s) provide protection against this vulnerability:
IE:OBJECT-USE-AFTER-FREE
References:

Microsoft Security Advisory 2719615
CVE-2012-4792

(2719615) Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

Microsoft has released an advisory (2719615) which addresses a zero-day vulnerability in the Microsoft XML Core Services. There is currently no patch available for this vulnerability. Microsoft is actively working with MAPP partners to provide protections against attacks exploiting this vulnerability until a patch is ready to be released.

The following signature(s) provide protection against this vulnerability:

IE:AX-MS-XMLCORE
IE:AX-MS-XMLCORE2
IE:AX-MS-XMLCORE3
IE:AX-MS-XMLCORE4
IE:AX-MS-XMLCORE5
IE:AX-MS-XMLCORE6
IE:AX-MS-XMLCORE7
IE:AX-MS-XMLCORE8
IE:AX-MS-XMLCORE9
IE:AX-MS-XMLCORE10

References:

Microsoft Security Advisory 2719615
CVE-2012-1889

(2639658) Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege

Microsoft has released an advisory (2639658) which addresses a zero-day vulnerability in Microsoft Windows. There is currently no patch available for this vulnerability. Microsoft is actively working with MAPP partners to provide protections against attacks exploiting this vulnerability until a patch is ready to be released.

The following signature(s) provide protection against this vulnerability:

MS:TTF-PRIVILEGE-ESCALATION

References:

Microsoft Security Advisory 2639658
W32.Dugu - The precursor to the next Stuxnet
CVE-2011-3402

MAPP Advisories

Chassis

Stackable

Standalone

Controllers & Access Points

Wireless Tools

Software Defined Networking (SDN)

Data Center

Wired/Wireless

Access Management and Advanced Security

By Technology

By Industry

Find a Partner

Become a Partner

Alliance Ecosystem

Partner Log-in

Training

Technology Courses

Advanced Courses

Accelerated Courses

Certifications

Knowledgebase

Tools

Product Licensing

Downloads

Contact Support

Microsoft Active Protection Program Advisories

(2847140) Vulnerability in Internet Explorer Could Allow Remote Code Execution

(2794220) Vulnerability in Internet Explorer Could Allow Remote Code Execution

(2719615) Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

(2639658) Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege