No. Only IPS. The others were not feasible for this exploit.
------------------------------
John Owens
Strategic Support Engineer | Symantec Enterprise Division (SED)
Symantec
United States
------------------------------
Original Message:
Sent: 10-06-2020 12:46 PM
From: R Chand
Subject: CVE-2020-1472 IPS Signatures
Any coverage from SEP/SONAR?
Original Message:
Sent: 09-22-2020 06:20 PM
From: John Owens
Subject: CVE-2020-1472 IPS Signatures
Hello. Looks like 09/22/20 rev 061 has posted for all versions. This will include IPS signature 32577 (OS Attack: Microsoft Netlogon CVE-2020-1472).
Original Message:
Sent: 9/22/2020 10:50:00 AM
From: John_Owens
Subject: RE: CVE-2020-1472 IPS Signatures
We will be releasing IPS signature 32577 (OS Attack: Microsoft Netlogon CVE-2020-1472) today. As soon as I have confirmation of it being released and what revision I will post an update here.
------------------------------
John Owens
Strategic Support Engineer | Symantec Enterprise Division (SED)
Symantec
United States
Original Message:
Sent: 09-21-2020 12:52 PM
From: John Owens
Subject: CVE-2020-1472 IPS Signatures
I will have an update on this later this afternoon.
------------------------------
John Owens
Principal Product Support
Symantec
United States
Original Message:
Sent: 09-18-2020 09:48 AM
From: Amit Rathi
Subject: CVE-2020-1472 IPS Signatures
Hi John,
Please confirm if Symantec releases signature / definition for CVE-2020-1472 IPS Signatures
Original Message:
Sent: 09-16-2020 10:03 AM
From: John Owens
Subject: CVE-2020-1472 IPS Signatures
Update to this:
Symantec is investigating the possibility of IPS coverage for CVE-2020-1472. There is no ETA on when this investigation will be complete. Our suggestion is to patch as quickly as possible. I will update this thread once the investigation is complete.
------------------------------
John Owens
Principal Product Support
Symantec
United States
Original Message:
Sent: 09-15-2020 07:53 AM
From: Torbjørn Remmen
Subject: CVE-2020-1472 IPS Signatures
Hi
Is Broadcom working on an IPS signature for CVE-2020-1472? It was not listed in the latest Symantec response to Microsoft Monthly Security bulletins.
Symantec Endpoint Response to Microsoft Monthly Security Bulletins
NVD
------------------------------
Syscom AS
------------------------------