https://live.paloaltonetworks.com/t5/general-topics/new-flash-volnureability-cve-2014-4671/m-p/16769#M12213 <HTML><HEAD></HEAD><BODY><P>You are watching the correct place to see when the update is available.</P><P></P><P>As <A href="https://live.paloaltonetworks.com/u1/19491">HULK</A> mentions, your sales engineer would be the best source for advance notice. </P><P></P><P>The sales engineer could also help you craft a manual work around if a vulnerability is a particularly high risk for your environment.&nbsp; You do need to be careful about these custom signatures as one of the reasons PA takes some time to produce a signature is to avoid a false positive that blocks production necessary traffic.&nbsp; The quick fixes based on initial information do carry a risk of blocking legitimate work on your network.</P><P></P><P>You need to measure your exposure risk for the particular vulnerability against the potential time lost in blocking legitimate traffic.</P><P></P><P>You can review the process in the documentation on creating&nbsp; a custom threat signature.</P><P><A href="https://live.paloaltonetworks.com/docs/DOC-5534">Creating Custom Threat Signatures</A></P></BODY></HTML> Thu, 10 Jul 2014 14:47:27 GMT pulukas 2014-07-10T14:47:27Z https://live.paloaltonetworks.com/t5/general-topics/new-flash-volnureability-cve-2014-4671/m-p/16765#M12209 <HTML><HEAD></HEAD><BODY><P>Hello</P><P></P><P>According to <A href="https://helpx.adobe.com/security/products/flash-player/apsb14-17.html" title="https://helpx.adobe.com/security/products/flash-player/apsb14-17.html">Adobe Security Bulletin</A> its serious volnureability, when we can expects protection on PAN?</P><P>At the moment on <A href="https://threatvault.paloaltonetworks.com/" title="https://threatvault.paloaltonetworks.com/">https://threatvault.paloaltonetworks.com/</A> I can't find CVE-2014-4671</P><P></P><P>Regards</P><P>Slawek</P></BODY></HTML> Thu, 10 Jul 2014 07:07:28 GMT https://live.paloaltonetworks.com/t5/general-topics/new-flash-volnureability-cve-2014-4671/m-p/16765#M12209 _slv_ 2014-07-10T07:07:28Z https://live.paloaltonetworks.com/t5/general-topics/new-flash-volnureability-cve-2014-4671/m-p/16766#M12210 <HTML><HEAD></HEAD><BODY><P>Hello Slv,</P><P></P><P>\When a vulnerability is identified/posted, Palo Alto Networks will do a reverse engineer for that vulnerability, to understand how the vulnerability could possibly be exploited to, and then build possible protection. It’s not <SPAN class="GINGER_SOFTWARE_mark">an</SPAN> simple task to create an appropriate signature.&nbsp;&nbsp; Hence, need to&nbsp; gather the right information about the vulnerability <SPAN class="GINGER_SOFTWARE_mark">( </SPAN>as much as possible) to build an IPS vulnerability signature, also Palo Alto Networks should take care about&nbsp; the false positives and performance implications in creating the signature.</P><P></P><P>So, please wait for further updates on this.</P><P></P><P>Thanks</P></BODY></HTML> Thu, 10 Jul 2014 07:20:54 GMT https://live.paloaltonetworks.com/t5/general-topics/new-flash-volnureability-cve-2014-4671/m-p/16766#M12210 HULK 2014-07-10T07:20:54Z https://live.paloaltonetworks.com/t5/general-topics/new-flash-volnureability-cve-2014-4671/m-p/16767#M12211 <HTML><HEAD></HEAD><BODY><P>Do You thing that we can expect emergency upgrade of therat signatures soon?</P></BODY></HTML> Thu, 10 Jul 2014 07:42:42 GMT https://live.paloaltonetworks.com/t5/general-topics/new-flash-volnureability-cve-2014-4671/m-p/16767#M12211 _slv_ 2014-07-10T07:42:42Z https://live.paloaltonetworks.com/t5/general-topics/new-flash-volnureability-cve-2014-4671/m-p/16768#M12212 <HTML><HEAD></HEAD><BODY><P>Hello <SPAN class="GINGER_SOFTWARE_mark">slv</SPAN>,</P><P>You may contact with your PA SE for most recent activity.</P><P></P><P>Thanks</P></BODY></HTML> Thu, 10 Jul 2014 07:47:37 GMT https://live.paloaltonetworks.com/t5/general-topics/new-flash-volnureability-cve-2014-4671/m-p/16768#M12212 HULK 2014-07-10T07:47:37Z https://live.paloaltonetworks.com/t5/general-topics/new-flash-volnureability-cve-2014-4671/m-p/16769#M12213 <HTML><HEAD></HEAD><BODY><P>You are watching the correct place to see when the update is available.</P><P></P><P>As <A href="https://live.paloaltonetworks.com/u1/19491">HULK</A> mentions, your sales engineer would be the best source for advance notice. </P><P></P><P>The sales engineer could also help you craft a manual work around if a vulnerability is a particularly high risk for your environment.&nbsp; You do need to be careful about these custom signatures as one of the reasons PA takes some time to produce a signature is to avoid a false positive that blocks production necessary traffic.&nbsp; The quick fixes based on initial information do carry a risk of blocking legitimate work on your network.</P><P></P><P>You need to measure your exposure risk for the particular vulnerability against the potential time lost in blocking legitimate traffic.</P><P></P><P>You can review the process in the documentation on creating&nbsp; a custom threat signature.</P><P><A href="https://live.paloaltonetworks.com/docs/DOC-5534">Creating Custom Threat Signatures</A></P></BODY></HTML> Thu, 10 Jul 2014 14:47:27 GMT https://live.paloaltonetworks.com/t5/general-topics/new-flash-volnureability-cve-2014-4671/m-p/16769#M12213 pulukas 2014-07-10T14:47:27Z