Thanks.for the additional info Ed On Apr 16, 2015 7:10 PM, "Kurt Buff" <[email protected]> wrote:
> I attended the SANS webinar, and we were told that if your IIS > installation requires authentication, it's not vulnerable. By auth, I > don't mean SSL/TLS. > > That doesn't help those whose infrastructure is public facing without > auth (basic web presence, ecommerce, etc.), but for > Exchange/Lync/etc., it seems to be a small relief. > > Another small note of relief, for those who have them, is that > PaloAlto's firewalls are supposed to have a signature for this. I'm > sure other brands either have it or will soon. > > Of course, patching is still a good thing. > > If anyone hears anything different on any of the above, I'm all ears. > > Kurt > > >
