Deep Security Center
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1007596* - Identified Suspicious File Extension Rename Activity Over Network Share
1007598* - Identified Suspicious Rename Activity Over Network Share
SAP Netweaver Server
1007639 - Identified Unauthorized Access Of Servlets Over Web
Suspicious Client Application Activity
1007578* - Ransomware CryptFile
1007576* - Ransomware Cryptesla
1007579* - Ransomware HTTP Request
1007577* - Ransomware Hydra
1007581* - Ransomware Lectool
1007602* - Ransomware Locky
1007601* - Ransomware TCP Request
Suspicious Server Application Activity
1007580* - Ransomware HTTP Request-1
1007582* - Ransomware Lectool-1
1007533* - Ransomware TCP Request-1
Web Application Common
1007609* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714)
Web Application PHP Based
1007641 - Magento Unauthenticated Arbitrary File Write Vulnerability (CVE-2016-4010)
Web Client Common
1007515* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1001)
1007635* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1101)
1007571 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0997)
1007543 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0998)
1007541 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1000)
1007611* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714) - 1
1007485* - Microsoft Windows Media Player Parsing Remote Code Execution Vulnerability (CVE-2016-0101)
Web Client Internet Explorer/Edge
1007372* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0003)
Web Server Common
1002628* - Adobe RoboHelp Server SQL Injection Vulnerability
Web Server Miscellaneous
1007607* - RedHat JBoss Operations Network ContentManager Remote Code Execution Vulnerability (CVE-2015-0297)
1007606* - RedHat JBoss WildFly Application Server Information Disclosure Vulnerability (CVE-2016-0793)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services
1007596* - Identified Suspicious File Extension Rename Activity Over Network Share
1007598* - Identified Suspicious Rename Activity Over Network Share
SAP Netweaver Server
1007639 - Identified Unauthorized Access Of Servlets Over Web
Suspicious Client Application Activity
1007578* - Ransomware CryptFile
1007576* - Ransomware Cryptesla
1007579* - Ransomware HTTP Request
1007577* - Ransomware Hydra
1007581* - Ransomware Lectool
1007602* - Ransomware Locky
1007601* - Ransomware TCP Request
Suspicious Server Application Activity
1007580* - Ransomware HTTP Request-1
1007582* - Ransomware Lectool-1
1007533* - Ransomware TCP Request-1
Web Application Common
1007609* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714)
Web Application PHP Based
1007641 - Magento Unauthenticated Arbitrary File Write Vulnerability (CVE-2016-4010)
Web Client Common
1007515* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1001)
1007635* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1101)
1007571 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0997)
1007543 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0998)
1007541 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1000)
1007611* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714) - 1
1007485* - Microsoft Windows Media Player Parsing Remote Code Execution Vulnerability (CVE-2016-0101)
Web Client Internet Explorer/Edge
1007372* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0003)
Web Server Common
1002628* - Adobe RoboHelp Server SQL Injection Vulnerability
Web Server Miscellaneous
1007607* - RedHat JBoss Operations Network ContentManager Remote Code Execution Vulnerability (CVE-2015-0297)
1007606* - RedHat JBoss WildFly Application Server Information Disclosure Vulnerability (CVE-2016-0793)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
TFTP Server
1003955* - TFTP Server Packet Handling Remote Buffer Overflow Vulnerability
Web Client Common
1007635 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1101)
1007636 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1096)
1007637 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1098)
1007638 - Adobe Flash Player Type Confusion Overflow Vulnerability (CVE-2016-4117)
1007542 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0999)
1007626 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1107)
1007628 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1108)
1007627 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1110)
Web Client Internet Explorer/Edge
1007616* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-0193)
Integrity Monitoring Rules:
1003370* - Application - OpenSSL
1003334* - Application - Samba
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
TFTP Server
1003955* - TFTP Server Packet Handling Remote Buffer Overflow Vulnerability
Web Client Common
1007635 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1101)
1007636 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1096)
1007637 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1098)
1007638 - Adobe Flash Player Type Confusion Overflow Vulnerability (CVE-2016-4117)
1007542 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0999)
1007626 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1107)
1007628 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1108)
1007627 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1110)
Web Client Internet Explorer/Edge
1007616* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-0193)
Integrity Monitoring Rules:
1003370* - Application - OpenSSL
1003334* - Application - Samba
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Application Control For File Sharing
1007608 - Application Control For Amazon Cloud Drive
1007605 - Application Control For BOX
Microsoft Office
1007619 - Microsoft Office Graphics RCE Vulnerability (CVE-2016-0183)
1007617 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0126)
1007618 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0140)
Suspicious Client Application Activity
1007578 - Ransomware CryptFile
1007576* - Ransomware Cryptesla
1007579 - Ransomware HTTP Request
1007577* - Ransomware Hydra
1007581* - Ransomware Lectool
1007602 - Ransomware Locky
1007601 - Ransomware TCP Request
Suspicious Server Application Activity
1007580 - Ransomware HTTP Request-1
1007582* - Ransomware Lectool-1
1007533 - Ransomware TCP Request-1
Web Application Common
1007609* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714)
Web Application PHP Based
1007597* - Joomla Akeeba Kickstart Unserialize Remote Code Execution Vulnerability (CVE-2014-7228)
1006786* - PHP exif_process_unicode() Function Uninitialized Pointer Freeing Remote Code Execution Vulnerability
1007178* - WordPress Font Plugin Path Traversal Vulnerability (CVE-2015-7683)
Web Application Ruby Based
1007520* - RubyGems Actionpack Denial Of Service Vulnerability (CVE-2013-6414)
Web Client Common
1007629 - Adobe Acrobat And Reader Integer Overflow Vulnerability (CVE-2016-1043)
1007630 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-1063)
1007633 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-1073)
1007631 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-1065)
1007632 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-1070)
1007078* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5574)
1007453* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0984)
1007568* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1016)
1007594* - Apple QuickTime 'moov' Atom Heap Corruption Remote Code Execution Vulnerability
1007595* - Apple QuickTime Atom Processing Heap Corruption Remote Code Execution Vulnerability
1007611 - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714) - 1
1007620 - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2016-0168)
1007621 - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2016-0169)
1007622 - Microsoft Windows Graphics Component RCE Vulnerability (CVE-2016-0170)
1007624 - Microsoft Windows Media Center Remote Code Execution Vulnerability (CVE-2016-0185)
1007537 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2016-0120)
Web Client Internet Explorer/Edge
1007615 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0191)
1007616 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-0193)
1007614 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0192)
1007177* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6086)
1007407* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0063)
1007471* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0106)
1007612 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-0187)
1007613 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-0189)
1007623 - Microsoft Windows Direct3D Use After Free Vulnerability (CVE-2016-0184)
Web Server Common
1007213 - Disallow Upload Of A Class File
1007212 - Disallow Upload Of An Archive File
Web Server Miscellaneous
1007532* - JBoss Application Server Unauthenticated Remote Command Execution Vulnerability
1007607 - RedHat JBoss Operations Network ContentManager Remote Code Execution Vulnerability (CVE-2015-0297)
1007606 - RedHat JBoss WildFly Application Server Information Disclosure Vulnerability (CVE-2016-0793)
Windows Services RPC Server
1007596* - Identified Suspicious File Extension Rename Activity Over Network Share
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Application Control For File Sharing
1007608 - Application Control For Amazon Cloud Drive
1007605 - Application Control For BOX
Microsoft Office
1007619 - Microsoft Office Graphics RCE Vulnerability (CVE-2016-0183)
1007617 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0126)
1007618 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0140)
Suspicious Client Application Activity
1007578 - Ransomware CryptFile
1007576* - Ransomware Cryptesla
1007579 - Ransomware HTTP Request
1007577* - Ransomware Hydra
1007581* - Ransomware Lectool
1007602 - Ransomware Locky
1007601 - Ransomware TCP Request
Suspicious Server Application Activity
1007580 - Ransomware HTTP Request-1
1007582* - Ransomware Lectool-1
1007533 - Ransomware TCP Request-1
Web Application Common
1007609* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714)
Web Application PHP Based
1007597* - Joomla Akeeba Kickstart Unserialize Remote Code Execution Vulnerability (CVE-2014-7228)
1006786* - PHP exif_process_unicode() Function Uninitialized Pointer Freeing Remote Code Execution Vulnerability
1007178* - WordPress Font Plugin Path Traversal Vulnerability (CVE-2015-7683)
Web Application Ruby Based
1007520* - RubyGems Actionpack Denial Of Service Vulnerability (CVE-2013-6414)
Web Client Common
1007629 - Adobe Acrobat And Reader Integer Overflow Vulnerability (CVE-2016-1043)
1007630 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-1063)
1007633 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-1073)
1007631 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-1065)
1007632 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-1070)
1007078* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5574)
1007453* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0984)
1007568* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1016)
1007594* - Apple QuickTime 'moov' Atom Heap Corruption Remote Code Execution Vulnerability
1007595* - Apple QuickTime Atom Processing Heap Corruption Remote Code Execution Vulnerability
1007611 - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714) - 1
1007620 - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2016-0168)
1007621 - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2016-0169)
1007622 - Microsoft Windows Graphics Component RCE Vulnerability (CVE-2016-0170)
1007624 - Microsoft Windows Media Center Remote Code Execution Vulnerability (CVE-2016-0185)
1007537 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2016-0120)
Web Client Internet Explorer/Edge
1007615 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0191)
1007616 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-0193)
1007614 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0192)
1007177* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6086)
1007407* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0063)
1007471* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0106)
1007612 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-0187)
1007613 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-0189)
1007623 - Microsoft Windows Direct3D Use After Free Vulnerability (CVE-2016-0184)
Web Server Common
1007213 - Disallow Upload Of A Class File
1007212 - Disallow Upload Of An Archive File
Web Server Miscellaneous
1007532* - JBoss Application Server Unauthenticated Remote Command Execution Vulnerability
1007607 - RedHat JBoss Operations Network ContentManager Remote Code Execution Vulnerability (CVE-2015-0297)
1007606 - RedHat JBoss WildFly Application Server Information Disclosure Vulnerability (CVE-2016-0793)
Windows Services RPC Server
1007596* - Identified Suspicious File Extension Rename Activity Over Network Share
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Application Common
1007610 - Identified Usage Of ImageMagick Pseudo Protocols
1007609 - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Web Application Common
1007610 - Identified Usage Of ImageMagick Pseudo Protocols
1007609 - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Server Miscellaneous
1007603 - Apache Struts Dynamic Method Invocation Remote Code Execution Vulnerability (CVE-2016-3081)
1007604 - Identified Apache Struts Method Prefix In HTTP Request
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Web Server Miscellaneous
1007603 - Apache Struts Dynamic Method Invocation Remote Code Execution Vulnerability (CVE-2016-3081)
1007604 - Identified Apache Struts Method Prefix In HTTP Request
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Backup Server IBM Tivoli Storage Manager FastBack Server
1007351* - IBM Tivoli Storage Manager FastBack Command Execution Vulnerability (CVE-2015-1949)
1007357* - IBM Tivoli Storage Manager FastBack Server Buffer Overflow (CVE-2015-1929)
1007356* - IBM Tivoli Storage Manager FastBack Server Buffer Overflow Vulnerability (CVE-2015-1924)
1007352* - IBM Tivoli Storage Manager FastBack Server Information Disclosure Vulnerability (CVE-2015-1941)
1007354* - IBM Tivoli Storage Manager FastBack Server Memory Corruption Vulnerability
1007353* - IBM Tivoli Storage Manager FastBack Server Opcode 1301 Remote Code Execution Vulnerability
1007365* - IBM Tivoli Storage Manager FastBack Server Opcode 1335 Remote Code Execution Vulnerability
1007464* - IBM Tivoli Storage Manager FastBack Stack Buffer Overflow Vulnerability (CVE-2015-4931)
HP Intelligent Management Center (IMC)
1005845* - HP Intelligent Management Center sdFileDownload Servlet Remote File Disclosure Vulnerability
TFTP Server
1003955* - TFTP Server Packet Handling Remote Buffer Overflow Vulnerability
Web Application PHP Based
1007597 - Joomla Akeeba Kickstart Unserialize Remote Code Execution Vulnerability (CVE-2014-7228)
1006786 - PHP exif_process_unicode() Function Uninitialized Pointer Freeing Remote Code Execution Vulnerability
1007178 - WordPress Font Plugin Path Traversal Vulnerability (CVE-2015-7683)
Web Application Ruby Based
1007520 - RubyGems Actionpack Denial Of Service Vulnerability (CVE-2013-6414)
Web Client Common
1007536 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8426)
1007600 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8823)
1007018 - cURL/libcURL Cookie Parser Out Of Bounds Read Remote Code Execution Vulnerability (CVE-2015-3145)
Web Client Internet Explorer/Edge
1004958* - Internet Explorer Exec ActiveX Remote Code Execution
1007552* - Microsoft Edge Elevation Of Privilege Vulnerability (CVE-2016-0161)
Web Server Common
1005434* - Disallow Upload Of A PHP File
1007222* - WordPress Ajax Load More Plugin File Upload Vulnerability
Web Server IIS
1007430* - Microsoft .NET Framework Stack Overflow Denial Of Service Vulnerability (CVE-2016-0033)
Web Server Oracle
1007204* - Oracle WebLogic Server Java Deserialization Objects Remote Code Execution Vulnerability
Windows Services RPC Client
1007494* - Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability (CVE-2016-1008)
1007566* - Adobe Flash Player DLL Hijacking Vulnerability Over Network Share (CVE-2016-1014)
1007592* - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (CVE-2016-0160 and CVE-2016-0148)
Windows Services RPC Server
1007596 - Identified Suspicious File Extension Rename Activity Over Network Share
1007598 - Identified Suspicious Rename Activity Over Network Share
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Backup Server IBM Tivoli Storage Manager FastBack Server
1007351* - IBM Tivoli Storage Manager FastBack Command Execution Vulnerability (CVE-2015-1949)
1007357* - IBM Tivoli Storage Manager FastBack Server Buffer Overflow (CVE-2015-1929)
1007356* - IBM Tivoli Storage Manager FastBack Server Buffer Overflow Vulnerability (CVE-2015-1924)
1007352* - IBM Tivoli Storage Manager FastBack Server Information Disclosure Vulnerability (CVE-2015-1941)
1007354* - IBM Tivoli Storage Manager FastBack Server Memory Corruption Vulnerability
1007353* - IBM Tivoli Storage Manager FastBack Server Opcode 1301 Remote Code Execution Vulnerability
1007365* - IBM Tivoli Storage Manager FastBack Server Opcode 1335 Remote Code Execution Vulnerability
1007464* - IBM Tivoli Storage Manager FastBack Stack Buffer Overflow Vulnerability (CVE-2015-4931)
HP Intelligent Management Center (IMC)
1005845* - HP Intelligent Management Center sdFileDownload Servlet Remote File Disclosure Vulnerability
TFTP Server
1003955* - TFTP Server Packet Handling Remote Buffer Overflow Vulnerability
Web Application PHP Based
1007597 - Joomla Akeeba Kickstart Unserialize Remote Code Execution Vulnerability (CVE-2014-7228)
1006786 - PHP exif_process_unicode() Function Uninitialized Pointer Freeing Remote Code Execution Vulnerability
1007178 - WordPress Font Plugin Path Traversal Vulnerability (CVE-2015-7683)
Web Application Ruby Based
1007520 - RubyGems Actionpack Denial Of Service Vulnerability (CVE-2013-6414)
Web Client Common
1007536 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8426)
1007600 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8823)
1007018 - cURL/libcURL Cookie Parser Out Of Bounds Read Remote Code Execution Vulnerability (CVE-2015-3145)
Web Client Internet Explorer/Edge
1004958* - Internet Explorer Exec ActiveX Remote Code Execution
1007552* - Microsoft Edge Elevation Of Privilege Vulnerability (CVE-2016-0161)
Web Server Common
1005434* - Disallow Upload Of A PHP File
1007222* - WordPress Ajax Load More Plugin File Upload Vulnerability
Web Server IIS
1007430* - Microsoft .NET Framework Stack Overflow Denial Of Service Vulnerability (CVE-2016-0033)
Web Server Oracle
1007204* - Oracle WebLogic Server Java Deserialization Objects Remote Code Execution Vulnerability
Windows Services RPC Client
1007494* - Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability (CVE-2016-1008)
1007566* - Adobe Flash Player DLL Hijacking Vulnerability Over Network Share (CVE-2016-1014)
1007592* - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (CVE-2016-0160 and CVE-2016-0148)
Windows Services RPC Server
1007596 - Identified Suspicious File Extension Rename Activity Over Network Share
1007598 - Identified Suspicious Rename Activity Over Network Share
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Client Common
1007594 - Apple QuickTime 'moov' Atom Heap Corruption Remote Code Execution Vulnerability
1007595 - Apple QuickTime Atom Processing Heap Corruption Remote Code Execution Vulnerability
1007136* - Apple Quicktime 'stbl' Remote Code Execution Vulnerability
1007223* - Microsoft GS Wavetable Synth Memory Corruption Vulnerability
Web Server Miscellaneous
1007532 - JBoss Application Server Unauthenticated Remote Command Execution Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Web Client Common
1007594 - Apple QuickTime 'moov' Atom Heap Corruption Remote Code Execution Vulnerability
1007595 - Apple QuickTime Atom Processing Heap Corruption Remote Code Execution Vulnerability
1007136* - Apple Quicktime 'stbl' Remote Code Execution Vulnerability
1007223* - Microsoft GS Wavetable Synth Memory Corruption Vulnerability
Web Server Miscellaneous
1007532 - JBoss Application Server Unauthenticated Remote Command Execution Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Application Control For File Sharing
1007463* - Application Control For Microsoft OneDrive
Backup Server IBM Tivoli Storage Manager FastBack Server
1007353 - IBM Tivoli Storage Manager FastBack Server Opcode 1301 Remote Code Execution Vulnerability
1007365 - IBM Tivoli Storage Manager FastBack Server Opcode 1335 Remote Code Execution Vulnerability
Microsoft Office
1007555 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0122)
1007556 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0127)
1007557 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0136)
1007560 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0139)
OpenSSL
1007072* - GNU Libtasn1 'decoding.c' Heap Buffer Overflow Vulnerability (CVE-2015-3622)
Port Mapper Windows
1001033* - Windows Port Mapper Decoder
Suspicious Client Application Activity
1007576 - Ransomware Cryptesla
1007577 - Ransomware Hydra
1007581 - Ransomware Lectool
Suspicious Server Application Activity
1007582 - Ransomware Lectool-1
Unix Samba Client
1007584 - SAMBA RPC Authentication Level Downgrade Vulnerability
Unix Samba Client DCERPC
1007586 - SAMBA RPC Authentication Level Downgrade Vulnerability - 1
1007585 - Unix Samba Client Port Mapper Decoder
Unix Samba Server DCERPC
1007593 - Identified SAMBA DCERPC AUTH LEVEL CONNECT Password Validate Request
1007588 - Unix Samba Server Port Mapper Decoder
Web Application Common
1000608* - Generic SQL Injection Prevention
Web Client Common
1007570 - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2016-1018)
1007590 - Adobe Flash Player DLL Hijacking Vulnerability Over WebDAV (CVE-2016-1014)
1007564 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1012)
1007572* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2016-1019)
1007562 - Adobe Flash Player Security Bypass Vulnerability (CVE-2016-1006)
1007567 - Adobe Flash Player Type Confusion Vulnerability (CVE-2016-1015)
1007563 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1011)
1007565 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1013)
1007568 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1016)
1007569 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1017)
1006532* - Identified Malicious Adobe Flash SWF File - 1
1007591 - Microsoft Windows DLL Loading Vulnerabilities Over WebDAV (CVE-2016-0160 and CVE-2016-0148)
1007370* - Microsoft Windows DLL Loading Vulnerabilities Over WebDAV (MS16-007)
1007553 - Microsoft Windows Graphics Memory Corruption Vulnerability (CVE-2016-0145)
1007558 - Microsoft Windows OLE Remote Code Execution Vulnerability (CVE-2016-0153)
1007526 - Oracle Java SE Remote Code Execution Vulnerability (CVE-2016-0636)
Web Client Internet Explorer/Edge
1007551 - Microsoft Edge Elevation Of Privilege Vulnerability (CVE-2016-0158)
1007552 - Microsoft Edge Elevation Of Privilege Vulnerability (CVE-2016-0161)
1007548 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0155)
1007549 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0156)
1007550 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0157)
1007544 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0154)
1007545 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0159)
1007546 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0164)
1007547 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0166)
1007554 - Microsoft Windows MSXML Remote Code Execution Vulnerability (CVE-2016-0147)
Web Client SSL
1006606* - Identified Fraudulent Digital Certificate - 1
Web Server Miscellaneous
1004189* - RedHat JBoss Enterprise Application Platform JMX Console Authentication Bypass
Web Server Oracle Report Server
1000502* - Oracle Reports OS Command Injection Attempt
Windows Services RPC Client
1007566 - Adobe Flash Player DLL Hijacking Vulnerability Over Network Share (CVE-2016-1014)
1007592 - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (CVE-2016-0160 and CVE-2016-0148)
1007369* - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS16-007)
1007531 - Microsoft Windows RPC Downgrade Vulnerability (CVE-2016-0128)
Windows Services RPC Client DCERPC
1007539 - Microsoft Windows RPC Downgrade Vulnerability (CVE-2016-0128) - 1
1007538 - Windows Client Port Mapper Decoder
Windows Services RPC Server DCERPC
1007561 - Identified Windows DCERPC AUTH LEVEL CONNECT Password Validate Request
Integrity Monitoring Rules:
1005041* - Malware - Suspicious Microsoft Windows Files Detected
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Application Control For File Sharing
1007463* - Application Control For Microsoft OneDrive
Backup Server IBM Tivoli Storage Manager FastBack Server
1007353 - IBM Tivoli Storage Manager FastBack Server Opcode 1301 Remote Code Execution Vulnerability
1007365 - IBM Tivoli Storage Manager FastBack Server Opcode 1335 Remote Code Execution Vulnerability
Microsoft Office
1007555 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0122)
1007556 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0127)
1007557 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0136)
1007560 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0139)
OpenSSL
1007072* - GNU Libtasn1 'decoding.c' Heap Buffer Overflow Vulnerability (CVE-2015-3622)
Port Mapper Windows
1001033* - Windows Port Mapper Decoder
Suspicious Client Application Activity
1007576 - Ransomware Cryptesla
1007577 - Ransomware Hydra
1007581 - Ransomware Lectool
Suspicious Server Application Activity
1007582 - Ransomware Lectool-1
Unix Samba Client
1007584 - SAMBA RPC Authentication Level Downgrade Vulnerability
Unix Samba Client DCERPC
1007586 - SAMBA RPC Authentication Level Downgrade Vulnerability - 1
1007585 - Unix Samba Client Port Mapper Decoder
Unix Samba Server DCERPC
1007593 - Identified SAMBA DCERPC AUTH LEVEL CONNECT Password Validate Request
1007588 - Unix Samba Server Port Mapper Decoder
Web Application Common
1000608* - Generic SQL Injection Prevention
Web Client Common
1007570 - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2016-1018)
1007590 - Adobe Flash Player DLL Hijacking Vulnerability Over WebDAV (CVE-2016-1014)
1007564 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1012)
1007572* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2016-1019)
1007562 - Adobe Flash Player Security Bypass Vulnerability (CVE-2016-1006)
1007567 - Adobe Flash Player Type Confusion Vulnerability (CVE-2016-1015)
1007563 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1011)
1007565 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1013)
1007568 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1016)
1007569 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1017)
1006532* - Identified Malicious Adobe Flash SWF File - 1
1007591 - Microsoft Windows DLL Loading Vulnerabilities Over WebDAV (CVE-2016-0160 and CVE-2016-0148)
1007370* - Microsoft Windows DLL Loading Vulnerabilities Over WebDAV (MS16-007)
1007553 - Microsoft Windows Graphics Memory Corruption Vulnerability (CVE-2016-0145)
1007558 - Microsoft Windows OLE Remote Code Execution Vulnerability (CVE-2016-0153)
1007526 - Oracle Java SE Remote Code Execution Vulnerability (CVE-2016-0636)
Web Client Internet Explorer/Edge
1007551 - Microsoft Edge Elevation Of Privilege Vulnerability (CVE-2016-0158)
1007552 - Microsoft Edge Elevation Of Privilege Vulnerability (CVE-2016-0161)
1007548 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0155)
1007549 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0156)
1007550 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0157)
1007544 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0154)
1007545 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0159)
1007546 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0164)
1007547 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0166)
1007554 - Microsoft Windows MSXML Remote Code Execution Vulnerability (CVE-2016-0147)
Web Client SSL
1006606* - Identified Fraudulent Digital Certificate - 1
Web Server Miscellaneous
1004189* - RedHat JBoss Enterprise Application Platform JMX Console Authentication Bypass
Web Server Oracle Report Server
1000502* - Oracle Reports OS Command Injection Attempt
Windows Services RPC Client
1007566 - Adobe Flash Player DLL Hijacking Vulnerability Over Network Share (CVE-2016-1014)
1007592 - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (CVE-2016-0160 and CVE-2016-0148)
1007369* - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS16-007)
1007531 - Microsoft Windows RPC Downgrade Vulnerability (CVE-2016-0128)
Windows Services RPC Client DCERPC
1007539 - Microsoft Windows RPC Downgrade Vulnerability (CVE-2016-0128) - 1
1007538 - Windows Client Port Mapper Decoder
Windows Services RPC Server DCERPC
1007561 - Identified Windows DCERPC AUTH LEVEL CONNECT Password Validate Request
Integrity Monitoring Rules:
1005041* - Malware - Suspicious Microsoft Windows Files Detected
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Client Common
1007572 - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2016-1019)
1006532* - Identified Malicious Adobe Flash SWF File - 1
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Web Client Common
1007572 - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2016-1019)
1006532* - Identified Malicious Adobe Flash SWF File - 1
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Backup Server IBM Tivoli Storage Manager FastBack Mount
1007271* - IBM Tivoli Storage Manager FastBack Buffer Overflow Vulnerability (CVE-2015-0120)
1007349* - IBM Tivoli Storage Manager FastBack Mount Stack Buffer Overflow Vulnerability (CVE-2015-0119)
Backup Server IBM Tivoli Storage Manager FastBack Server
1007351 - IBM Tivoli Storage Manager FastBack Command Execution Vulnerability (CVE-2015-1949)
1007357 - IBM Tivoli Storage Manager FastBack Server Buffer Overflow (CVE-2015-1929)
1007356 - IBM Tivoli Storage Manager FastBack Server Buffer Overflow Vulnerability (CVE-2015-1924)
1007355* - IBM Tivoli Storage Manager FastBack Server Command Injection Vulnerabilities
1007352 - IBM Tivoli Storage Manager FastBack Server Information Disclosure Vulnerability (CVE-2015-1941)
1007354 - IBM Tivoli Storage Manager FastBack Server Memory Corruption Vulnerability
1007464 - IBM Tivoli Storage Manager FastBack Stack Buffer Overflow Vulnerability (CVE-2015-4931)
Mail Server Miscellaneous
1006020* - Mercury Mail Transport System AUTH CRAM-MD5 Buffer Overflow Vulnerability
Microsoft Office
1007419* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0052)
Shellcode
1001183* - Identified Suspicious Usage Of Shellcode
Web Application Common
1007518 - Identified Reflected File Download Attack
Web Application PHP Based
1007272 - PHP SPL ArrayObject Use After Free Vulnerability
1007255 - PHP SplObjectStorage Use After Free Vulnerability
1007135* - WordPress XMLRPC 'system.multicall' Brute Force Amplification Attack
Web Application Tomcat
1005929* - Apache Tomcat Commons UploadFile Denial Of Service Vulnerability
Web Client Common
1007493 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-1007)
1007495 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-1009)
1007516 - Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability Over WebDAV (CVE-2016-1008)
1007515 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1001)
1007496 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-0963)
1007511 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-0993)
1007519* - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-1010)
1007497* - Adobe Flash Player Memory Corruption Vulnerabilities
1007501 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0960)
1007500 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0961)
1007499 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0962)
1007505 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0986)
1007508 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0989)
1007506 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0987)
1007507 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0988)
1007509 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0990)
1007510 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0991)
1007512 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0994)
1007513 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0995)
1007514 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0996)
1007136 - Apple Quicktime 'stbl' Remote Code Execution Vulnerability
1007095 - Apple Quicktime Heap Overflow Vulnerability (CVE-2015-3668)
1007523 - Libxml2 Out Of Bound Read Multiple Information Disclosure Vulnerabilities (CVE-2015-7941)
1007368* - Microsoft DirectShow Heap Corruption Vulnerability (CVE-2016-0015)
1007223 - Microsoft GS Wavetable Synth Memory Corruption Vulnerability
1007366* - Microsoft Silverlight Runtime Remote Code Execution Vulnerability (CVE-2016-0034)
1007427* - Microsoft Windows DLL Loading Vulnerabilities Over WebDAV (MS16-014)
1003589* - Sun Java Runtime Environment And Java Development Kit Security Vulnerability
Web Client Internet Explorer/Edge
1007406* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0061)
1007462 - Microsoft Internet Explorer GetCommonAncestorElement Denial Of Service Vulnerability
1007473* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0108)
1007477* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0113)
Web Server Common
1007222 - WordPress Ajax Load More Plugin File Upload Vulnerability
Web Server Oracle
1007204 - Oracle WebLogic Server Java Deserialization Objects Remote Code Execution Vulnerability
Windows Services RPC Client
1007494 - Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability (CVE-2016-1008)
1007381* - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS15-132)
1007426* - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS16-014)
Integrity Monitoring Rules:
1005041* - Malware - Suspicious Microsoft Windows Files Detected
1005042* - Malware - Suspicious Microsoft Windows Registry Entries Detected
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Backup Server IBM Tivoli Storage Manager FastBack Mount
1007271* - IBM Tivoli Storage Manager FastBack Buffer Overflow Vulnerability (CVE-2015-0120)
1007349* - IBM Tivoli Storage Manager FastBack Mount Stack Buffer Overflow Vulnerability (CVE-2015-0119)
Backup Server IBM Tivoli Storage Manager FastBack Server
1007351 - IBM Tivoli Storage Manager FastBack Command Execution Vulnerability (CVE-2015-1949)
1007357 - IBM Tivoli Storage Manager FastBack Server Buffer Overflow (CVE-2015-1929)
1007356 - IBM Tivoli Storage Manager FastBack Server Buffer Overflow Vulnerability (CVE-2015-1924)
1007355* - IBM Tivoli Storage Manager FastBack Server Command Injection Vulnerabilities
1007352 - IBM Tivoli Storage Manager FastBack Server Information Disclosure Vulnerability (CVE-2015-1941)
1007354 - IBM Tivoli Storage Manager FastBack Server Memory Corruption Vulnerability
1007464 - IBM Tivoli Storage Manager FastBack Stack Buffer Overflow Vulnerability (CVE-2015-4931)
Mail Server Miscellaneous
1006020* - Mercury Mail Transport System AUTH CRAM-MD5 Buffer Overflow Vulnerability
Microsoft Office
1007419* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0052)
Shellcode
1001183* - Identified Suspicious Usage Of Shellcode
Web Application Common
1007518 - Identified Reflected File Download Attack
Web Application PHP Based
1007272 - PHP SPL ArrayObject Use After Free Vulnerability
1007255 - PHP SplObjectStorage Use After Free Vulnerability
1007135* - WordPress XMLRPC 'system.multicall' Brute Force Amplification Attack
Web Application Tomcat
1005929* - Apache Tomcat Commons UploadFile Denial Of Service Vulnerability
Web Client Common
1007493 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-1007)
1007495 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-1009)
1007516 - Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability Over WebDAV (CVE-2016-1008)
1007515 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1001)
1007496 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-0963)
1007511 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-0993)
1007519* - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-1010)
1007497* - Adobe Flash Player Memory Corruption Vulnerabilities
1007501 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0960)
1007500 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0961)
1007499 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0962)
1007505 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0986)
1007508 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0989)
1007506 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0987)
1007507 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0988)
1007509 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0990)
1007510 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0991)
1007512 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0994)
1007513 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0995)
1007514 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0996)
1007136 - Apple Quicktime 'stbl' Remote Code Execution Vulnerability
1007095 - Apple Quicktime Heap Overflow Vulnerability (CVE-2015-3668)
1007523 - Libxml2 Out Of Bound Read Multiple Information Disclosure Vulnerabilities (CVE-2015-7941)
1007368* - Microsoft DirectShow Heap Corruption Vulnerability (CVE-2016-0015)
1007223 - Microsoft GS Wavetable Synth Memory Corruption Vulnerability
1007366* - Microsoft Silverlight Runtime Remote Code Execution Vulnerability (CVE-2016-0034)
1007427* - Microsoft Windows DLL Loading Vulnerabilities Over WebDAV (MS16-014)
1003589* - Sun Java Runtime Environment And Java Development Kit Security Vulnerability
Web Client Internet Explorer/Edge
1007406* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0061)
1007462 - Microsoft Internet Explorer GetCommonAncestorElement Denial Of Service Vulnerability
1007473* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0108)
1007477* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0113)
Web Server Common
1007222 - WordPress Ajax Load More Plugin File Upload Vulnerability
Web Server Oracle
1007204 - Oracle WebLogic Server Java Deserialization Objects Remote Code Execution Vulnerability
Windows Services RPC Client
1007494 - Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability (CVE-2016-1008)
1007381* - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS15-132)
1007426* - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS16-014)
Integrity Monitoring Rules:
1005041* - Malware - Suspicious Microsoft Windows Files Detected
1005042* - Malware - Suspicious Microsoft Windows Registry Entries Detected
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.