More Network Inspection System updates


A new Vuln (vulnerability) NIS definition for Outlook Express / Windows Mail MS10-030 joins the recent Expl (exploit) definition for the Sharepoint XSS issue (currently an Advisory).

The other type of signature is a Policy signature – not an exploit or a vulnerability per se, but a security feature an Administrator might want to enable.

NIS is one of the aspects of TMG 2010 I’m most speculatively excited about- imagine being able to more-or-less automatically protect a whole subnet of vulnerable machines while patches are being produced or deployed - and the MMPC have been steadily releasing definition updates that protect TMG-protected machines from known exploits since launch.

NIS updates typically coincide with a bulletin release – but recently, we’ve seen that they’ve been produced for at least one Advisory as well.

NIS updates aren’t particularly discoverable right now, though - I can’t find another way to get notifications of NIS updates other than through the TMG interface.

And NIS entries are not currently searchable in the MMPC Encyclopedia either - they’re linked directly from the definitions in the MMC above.