Need more best practices & governance on mobile code (e.g. Flash Player,
malicious code being run when opening PDFs, & 1 case of ransomware):
a) attachment 1 is a screen of IE settings: mostly what to set in IE to stop ActiveX
& to set to Med-High (guess this is also to mitigate against ActiveX?)
b) I would say patch the various Adobe products (we use Adobe Flash &
Shockwave) within 1 week of release of patches?
c) attachment 2 has some suggestions on ActiveX & Java only: not much
d) Does AV mitigate against mobile code vulnerabilities? If so, keeping
AV signatures updated is another mitigation
e) I'm sure IPS (NIDS & HIPS) have signatures for mobile code but in
McAfee's case, by default, they are rolled out in Detect & not Block
mode? Should they be in Block mode?
f) any other best practices & governance for mobile code?