Tuesday, January 10, 2006

MS06-002 prevention (updated)

As part of there regular patch cycle, Microsoft has release 2 security patches. MS06-002 describes a vulnerability in Embedded Web Fonts. These files can be blocked by your watchguard firewall.

What can you do to protect your network:

1. Go to the 'URL Path' function of your HTTP-Proxy and add '*.eot' as a pattern match with the 'Rule action' set to Deny, Alarm and Log.


My 'Body Content Types' rule does not work because off a problem with the '?' wildcard. So I removed the rule.


Post a Comment

<< Home