Rule Update

19-021 (April 23, 2019)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1009511* - Microsoft Windows SMB Remote Code Execution Vulnerability (CVE-2019-0630)


Message Queuing Server Microsoft
1009623 - Microsoft Windows Message Queuing Buffer Overflow Vulnerability (CVE-2005-0059)


Suspicious Client Application Activity
1008946* - Heuristic Detection Of Suspicious Digital Certificate


Web Application Tomcat
1009697* - Apache Tomcat Remote Code Execution Vulnerability (CVE-2019-0232)


Web Client Common
1009554* - RARLAB WinRAR ACE Remote Code Execution Vulnerability (CVE-2018-20250)


Web Client Internet Explorer/Edge
1009640* - Microsoft Edge And Internet Explorer Same Origin Policy Bypass Vulnerabilities


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.