SpiderLabs Blog

Trustwave Protections Deployed: MS11-083

Last week was Microsoft's Patch Tuesday! For November, Microsoft released one "critical" bulletin, two "important," and one "moderate." The most critical is MS11-083 (CVE-2011-2013), a flaw in the TCP/IP implementation that possibly allows remote code execution by an attacker who floods a vulnerable OS with crafted UDP packets.

Trustwave SpiderLabs has investigated the MS11-083 threat, and the team has implemented protections for our Intrusion Detection System (IDS) platforms. The deployed solution relies on detecting unusual ICMP traffic associated with this attack. Trustwave offers a variety of security products to protect against the latest threats; the coverage for MS11-083 is listed below.

Trustwave Coverage for MS11-083

| Product | Threat Mitigation |
|---|---|
| Internal Vulnerability Scanner | N/A |
| External Vulnerability Scanner | N/A |
| Intrusion Detection System / Intrusion Prevention System (IDS/IPS) | Signature deployed on 11-14-2011 to detect suspicious ICMP traffic. |
| Network Access Control (NAC) | N/A |

Microsoft has released a security update for this vulnerability. For additional information about this exploit and the affected operating systems, please visit http://technet.microsoft.com/en-us/security/bulletin/ms11-083.
