Overview

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Application Control For Web Browser
1007376 - Application Control For Microsoft Edge Web Browser


DCERPC Services
1007699 - Oracle Job Scheduler Named Pipe Command Execution Vulnerability


Directory Server LDAP
1007460 - OpenLDAP ber_get_next Denial Of Service Vulnerability (CVE-2015-6908)


Mail Server Common
1000834* - SMTP Decoding


Microsoft Office
1007732 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3280)
1007733 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3281)
1007734 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3282)
1007735 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3283)
1007736 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3284)
1007731 - Microsoft Office Remote Code Execution Vulnerability (CVE-2016-3279)


Suspicious Client Ransomware Activity
1007534* - Ransomware Crydap
1007578* - Ransomware CryptFile
1007576* - Ransomware Cryptesla
1007579* - Ransomware HTTP Request
1007577* - Ransomware Hydra
1007581* - Ransomware Lectool
1007602* - Ransomware Locky
1007601* - Ransomware TCP Request


Suspicious Server Ransomware Activity
1007580* - Ransomware HTTP Request-1
1007582* - Ransomware Lectool-1
1007533* - Ransomware TCP Request-1


Web Application Common
1007715 - ImageMagick And GraphicsMagick Remote Code Execution Vulnerability (CVE-2016-5118)


Web Application PHP Based
1007298* - Joomla Core Remote Code Execution Vulnerability (CVE-2015-8562)
1007254 - PHP SplDoublyLinkedList Use After Free Vulnerability


Web Client Common
1007629* - Adobe Acrobat And Reader Integer Overflow Vulnerability (CVE-2016-1043)
1007519* - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-1010)
1006921* - Adobe Flash Player Null Pointer Dereference Vulnerability (CVE-2015-3126)
1006922* - Adobe Flash Player Null Pointer Dereference Vulnerability (CVE-2015-4429)
1006657* - Adobe Flash Player Remote Integer Overflow Vulnerability (CVE-2014-0569) - 2
1006979* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5559)
1006599* - Identified Suspicious Obfuscated JavaScript - 3
1007738 - ImageMagick And GraphicsMagick Remote Code Execution Vulnerability (CVE-2016-5118) - 1
1005403* - Libxml2 Entity Expansion Denial Of Service Vulnerability
1004091* - Oracle JRE Java Platform SE And Java Deployment Toolkit Plugins Code Execution Vulnerabilities


Web Client Internet Explorer/Edge
1007662* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3222)
1007727 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3246)
1007729 - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2016-3271)
1007647 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-0186)
1007726 - Microsoft Edge Security Feature Bypass Vulnerability (CVE-2016-3244)
1007725 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3277)
1007723 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-3259)
1007722 - Microsoft Internet Explorer And Edge Spoofing Vulnerability (CVE-2016-3274)
1007721 - Microsoft Internet Explorer And Edge Spoofing Vulnerability (CVE-2016-3276)
1007720 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3261)
1007716 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3240)
1007717 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3241)
1007724 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3242)
1007718 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3243)


Web Server Common
1000128* - HTTP Protocol Decoding


Web Server Miscellaneous
1007603* - Apache Struts Dynamic Method Invocation Remote Code Execution Vulnerability (CVE-2016-3081)
1007694* - Apache Struts REST Plugin DMI Remote Code Execution Vulnerability (CVE-2016-3087)
1007702* - Apache Struts REST Plugin Remote Code Execution Vulnerability (CVE-2016-4438)
1007058 - LANDesk Management Suite Multiple Remote File Inclusion Vulnerabilities


Web Server SAP
1005576* - SAP NetWeaver BW - XML External Entity Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1002831* - Unix - Syslog