ruleUpdate
19-014 (19 de marca de 2019)
Publish Date: 19 de marca de 2019
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Port Mapper FTP Client
1009558 - Remote File Copy Over FTP
Suspicious Client Ransomware Activity
1007581* - Ransomware Lectool
1007711* - Ransomware XORBAT
Suspicious Server Ransomware Activity
1007582* - Ransomware Lectool-1
Web Application Common
1009319 - ImageMagick 'ReadMATImage' Use After Free Vulnerability (CVE-2018-11624) - 1
1009421* - ImageMagick Multiple Security Vulnerabilities (Server) - 25
1009328 - ImageMagick ReadMIFFImage Denial Of Service Vulnerability (CVE-2017-18271) - 1
Web Client Common
1009207* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-21) - 2
1009239 - Foxit Reader 'addField' Use-After-Free Remote Code Execution Vulnerability (CVE-2018-9935)
1008829* - Foxit Reader Multiple Information Disclosure Vulnerabilities
1009318 - ImageMagick 'ReadMATImage' Use After Free Vulnerability (CVE-2018-11624)
1009329 - ImageMagick ReadMIFFImage Denial Of Service Vulnerability (CVE-2017-18271)
1009489 - Microsoft Windows Vcf And Contact File Insufficient UI Warning Remote Code Execution Vulnerability
1009554* - RARLAB WinRAR ACE Remote Code Execution Vulnerability (CVE-2018-20250)
Web Client Internet Explorer/Edge
1009469* - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0568)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Port Mapper FTP Client
1009558 - Remote File Copy Over FTP
Suspicious Client Ransomware Activity
1007581* - Ransomware Lectool
1007711* - Ransomware XORBAT
Suspicious Server Ransomware Activity
1007582* - Ransomware Lectool-1
Web Application Common
1009319 - ImageMagick 'ReadMATImage' Use After Free Vulnerability (CVE-2018-11624) - 1
1009421* - ImageMagick Multiple Security Vulnerabilities (Server) - 25
1009328 - ImageMagick ReadMIFFImage Denial Of Service Vulnerability (CVE-2017-18271) - 1
Web Client Common
1009207* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-21) - 2
1009239 - Foxit Reader 'addField' Use-After-Free Remote Code Execution Vulnerability (CVE-2018-9935)
1008829* - Foxit Reader Multiple Information Disclosure Vulnerabilities
1009318 - ImageMagick 'ReadMATImage' Use After Free Vulnerability (CVE-2018-11624)
1009329 - ImageMagick ReadMIFFImage Denial Of Service Vulnerability (CVE-2017-18271)
1009489 - Microsoft Windows Vcf And Contact File Insufficient UI Warning Remote Code Execution Vulnerability
1009554* - RARLAB WinRAR ACE Remote Code Execution Vulnerability (CVE-2018-20250)
Web Client Internet Explorer/Edge
1009469* - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0568)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.