Showing results for 
Show  only  | Search instead for 
Did you mean: 
Message 1 of 3

Internet Explorer Vulnerability

Given the latest Microsoft Window Update Debacle, and the yet to be "Fully" patched vulnerabilities in Internet Explorer 6-10..even to include Internet Explorer 11 (Windows 8). Is it safe to say we have full Product Coverage from McAfee Total Protection in regards to these possible exploits?

It is my understanding that these issues were addressed by "Engine Version" 1654 on 9/20/2013.

There has also been a Microsoft Security Advisory pertaining to "Adobe Flash Player"- Kb-2755801, hence have since been "Auto Updated by Adobe with the latest version being 11.8.800.175.

The Vulnerabilities mentioned above, were discovered more than a month ago during the "Pwn2own" hacking contest, and all exploits were exposed to all "Browsers" I might mention that both Chrome-Firefox addressed these issues.

Microsoft has issued a "Workaround-Fix-It" to temporarily add additional safety, until they have a remedy for the said vulnerability. I primarily utilize Internet Explorer 10-Fully updated, and have had no issues to date. I have chosen to not install the "Fix-it" as to date...have had no issues.

McAfee Volunteer
2 Replies
Message 2 of 3

Re: Internet Explorer Vulnerability

They don't tell us what updates cover I'm afraid, so I can only assume that they are fully aware of them.

Reliable Contributor
Reliable Contributor
Message 3 of 3

Re: Internet Explorer Vulnerability

No, McAfee pushes out Security Advisories at frequent intervals. You have to sign up to get them. Mostly the contents are intended for Corporate and Enterprise customers but they do say whenever a new DAT release covers a particular vulnerability. How that ties in with the recent move to engine updates for Consumer customers is not made clear, but if McAfee are updating for Enterprise they ought to be updating also for Consumer.

The specific question in the post appears to be about CVE-2013-3893 which was the subject of a Microsoft Security Advisory on September 17 and a Microsoft Support article (2887505) on the 18th which includes the interim FixIt workaround.

There is a McAfee blog about this vulnerability in Blog Central - "Product Coverage and Mitigation for CVE-2013-3893"

And, as I was writing this reply, an email notification came in of a new McAfee security advisory (MTIS13-154)

DAT files:                        Coverage will be provided as Exploit-CVE2013-3893 in the 7212 DATs, to be released September 30.

Coverage is provided for related malware as BackDoor-FBFA in the 7188 DATs, released September 4.

So, McAfee will provide cover for Windows vulnerabilities. Many of them are simple buffer overflows for which there is a generic detection capability.

How Many Badges Can You Collect?
Ready for a little competition? Members like you are earning badges and unlocking perks for their helpful answers. Are you? Click here to find out.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community