Rule Update

16-035 (November 8, 2016)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services - Client
1007913* - Identified Possible Ransomware File Extension Rename Activity Over Network Share - Client


HP OpenView Network Node Manager
1007643 - HP OpenView Network Node Manager ovw.dll Message Handling Buffer Overflow (CVE-2008-1842)


Microsoft Office
1008024 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7233)
1008018 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7213)
1008019 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7228)
1008020 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7229)
1008021 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7230)
1008022 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7231)
1008023 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7232)
1008025 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7234)
1008026 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7235)
1008027 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7236)


NTP Server Linux
1007383 - NTP Configuration Directive File Overwrite Vulnerability (CVE-2015-7703)


Web Application PHP Based
1007973 - PHP ZipArchive Integer Overflow Vulnerability (CVE-2016-3078)


Web Client Common
1008029 - Microsoft Windows Animation Manager Memory Corruption Vulnerability (CVE-2016-7205)
1008031 - Microsoft Windows Media Foundation Memory Corruption Vulnerability (CVE-2016-7217)
1008035 - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (MS16-138)
1007990 - Microsoft Windows Multiple Security Vulnerabilities (MS16-134)
1008034 - Microsoft Windows Multiple Security Vulnerabilities (MS16-135)
1008030 - Microsoft Windows OpenType Font Information Disclosure Vulnerability (CVE-2016-7210)
1008036 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2016-7256)


Web Client Internet Explorer/Edge
1008014 - Microsoft Edge Information Disclosure Vulnerability (CVE-2016-7204)
1007994* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7194)
1008008 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7200)
1008009 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7201)
1008013 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7202)
1008010 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7203)
1008016 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7240)
1008011 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7242)
1008015 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-7227)
1008012 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7195)
1008006 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7196)
1008007 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7198)
1008017 - Microsoft Internet Explorer And Edge Remote Code Execution Vulnerability (CVE-2016-7241)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.