Network Inspection System (NIS) adds signatures to help in SQL injection and Cross-site scripting prevention

Forefront Threat Management Gateway 2010 (TMG) added a Network Inspection System (NIS) feature which detects vulnerabilities and exploits in multiple protocols. To learn more about NIS read this whitepaper.

Forefront TMG comes with a free complementary NIS subscription, through which we constantly update NIS with new signatures to help protect against current vulnerabilities and exploits.

We are happy to announce that we have published signatures to help protect from commonly used exploitations of the SQL injection and Cross-site scripting vulnerabilities.

The Microsoft Malware Protection Center encyclopedia has more information about these signatures:

• Expl:Win/HTTP.URL.SQLInj!0000-0000 contains information about the SQL injection signature
• Expl:Win/HTTP.URL.XSS!0000-0000 contains information about the Cross-site scripting signature

If you are using Forefront TMG and have chosen to use NIS (you should!!), you will receive these signatures automatically through the update center.

Author:
Ori Yosefi -  Senior Program Manager, Forefront TMG

Reviewers:
Ziv Mador - Senior Program Manager, Protection Team 
Gabriel Koren – Test Team, Forefront Edge