The Word document in the video has
been used in real attacks and is one of the
exploits analyzed by
McAfee
and
Alient Vault. The attack has been recreated on an isolated
test network with a vulnerable system running
Office 2007 on 64-bit Windows 7. As the video
demonstrates, the exploit interception feature in
DeepGuard 5 (our behavioral engine) prevents the
system from getting infected.
Moreover,
DeepGuard would have proactively protected our
customers from this zero-day exploit already prior
to the Microsoft advisory and without us ever
having seen the first samples.
Furthermore,
we did not need to add or modify any DeepGuard
detections — it blocked the current zero-day
with the same set of detection rules
as the previous Microsoft zero-day
about a month ago.
That is the power of
proactive, behavior-based exploit protection.