Identified Download Of Suspicious SCT File Over HTTP

  Severity: CRITICAL
  Advisory Date: JUN 16, 2016

  DESCRIPTION

Microsoft enables scripts that are embedded in an HTML document or in a Windows Scripting Host file to access COM+ objects. An attacker can create COM+ objects in script code stored in an Extensible Markup Language (XML) files, such files are called 'scriptlets' to execute command on the remote host. This is a heuristic based rule which identifies the download of such 'scriptlets' files over HTTP.

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1007644

Featured Stories