topic CVE-2021-31166 vulnerability - any possible solutions from Palo to block this? in Advanced Threat Prevention Discussions

CVE-2021-31166 vulnerability - any possible solutions from Palo to block this?

tshooter — Tue, 18 May 2021 15:48:08 GMT

CVE-2021-31166 vulnerability - any possible solutions from Palo to block this? Or create a custom signature.

info I came across, but not sure if this is something Palo is planning on adding to their threat vuln protection signatures. See Microsoft has a patch, KB5003173, but what about until machines can be patched?
https://www.tenable.com/blog/microsoft-s-may-2021-patch-tuesday-addresses-55-cves-cve-2021-31166

https://www.neowin.net/news/exploit-released-for-windows-10-http-protocol-flaw-that-was-fixed-by-update-kb5003173/

Re: CVE-2021-31166 vulnerability - any possible solutions from Palo to block this?

hisingh — Tue, 18 May 2021 23:16:45 GMT

Hello @tshooter

The PaloAlto engineering team is creating a vulnerability signature, we will release it soon.

Best

Himani

Re: CVE-2021-31166 vulnerability - any possible solutions from Palo to block this?

tshooter — Wed, 19 May 2021 01:46:24 GMT

Thank you for reply!

That’s good to know, any estimate of time line of release?

Regards,

T

Re: CVE-2021-31166 vulnerability - any possible solutions from Palo to block this?

hisingh — Wed, 19 May 2021 14:34:20 GMT

I believe really soon, please watch the release

Re: CVE-2021-31166 vulnerability - any possible solutions from Palo to block this?

tshooter — Wed, 19 May 2021 15:13:28 GMT

Ok what do you mean watch the release? The next release? When is next release?
Current is version 8407.

Re: CVE-2021-31166 vulnerability - any possible solutions from Palo to block this?

hisingh — Wed, 19 May 2021 18:34:31 GMT

Hello

We do not have an ETA on this. Once this signature is passed through regression then it will be released. Since we don't have an estimated date, we can't say which version it will be released.

Best

Himani