https://community.cisco.com/t5/network-security/signature-id-3314-window-locator-service-overflow-deprecated/m-p/379774#M97330 <P>seeing a lot (thousands) hits of this signature with the victim as a printer or sms device. Is this something I need to be concerned about?</P> Sun, 10 Mar 2019 09:13:58 GMT RobhernandeZ 2019-03-10T09:13:58Z https://community.cisco.com/t5/network-security/signature-id-3314-window-locator-service-overflow-deprecated/m-p/379774#M97330 <P>seeing a lot (thousands) hits of this signature with the victim as a printer or sms device. Is this something I need to be concerned about?</P> Sun, 10 Mar 2019 09:13:58 GMT https://community.cisco.com/t5/network-security/signature-id-3314-window-locator-service-overflow-deprecated/m-p/379774#M97330 RobhernandeZ 2019-03-10T09:13:58Z https://community.cisco.com/t5/network-security/signature-id-3314-window-locator-service-overflow-deprecated/m-p/379775#M97331 <HTML><HEAD></HEAD><BODY><P>In order to answer your question it would be helpful to know which platform and software version you are using. I also need to know which subsig is firing. There are known false positives associated with 3314 subsig 0. It is disabled by default and marked as deprecated since 3314 subsig 1 more accurately detects this overflow. If anyone is actively trying to exploit this overflow then 3314.1 would be firing.</P><P></P><P></P></BODY></HTML> Thu, 13 Jan 2005 16:40:44 GMT https://community.cisco.com/t5/network-security/signature-id-3314-window-locator-service-overflow-deprecated/m-p/379775#M97331 craiwill 2005-01-13T16:40:44Z