Trend Micro Deep Security™ and Related Information Such as DPI Rules

  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Application Control For File Sharing
    1003682* - Application Control For Ares Galaxy


    DNS Server
    1007972 - ISC BIND Assertion Failure Denial Of Service Vulnerability (CVE-2016-2776)


    Microsoft Office
    1007939* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3357)


    Suspicious Client Ransomware Activity
    1007971 - Ransomware Fantom


    Web Application PHP Based
    1006794* - PHP 'main/rfc1867.c' Remote Denial Of Service Vulnerability


    Web Client Common
    1007784* - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4251)
    1007759* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4228)
    1007871 - GNU Wget Arbitrary Commands Execution Vulnerability (CVE-2016-4971)
    1007935* - Microsoft Windows Kernel Elevation Of Privilege Vulnerability (CVE-2016-3371)
    1007659* - Microsoft Windows PDF Information Disclosure Vulnerability (CVE-2016-3215)


    Web Server Miscellaneous
    1007528 - GlassFish Java EE Application Server Arbitrary File Read Vulnerability


    Windows Services RPC Client
    1007897* - Microsoft Internet Explorer Information Disclosure Vulnerability Over SMB (CVE-2016-3321)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services
    1007596* - Identified Possible Ransomware File Extension Rename Activity Over Network Share
    1007598* - Identified Possible Ransomware File Rename Activity Over Network Share


    Microsoft Office
    1002929* - Microsoft Excel Calendar Object Validation Vulnerability
    1007887* - Microsoft Graphics Component Memory Corruption Vulnerability (CVE-2016-3318)
    1007884* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3313)


    NFS Server
    1003401* - Disallow Device Node Creation Over NFS


    OpenSSL
    1007970 - OpenSSL OCSP Status Request Denial Of Service Vulnerability (CVE-2016-6304)


    Web Application Common
    1007518* - Identified Reflected File Download Attack


    Web Application PHP Based
    1007948* - Drupal RESTWS Module Page Callback Remote Code Execution Vulnerability
    1007459* - Drupal XRDS Document Denial Of Service Vulnerability (CVE-2014-5267)
    1007254* - PHP SplDoublyLinkedList Use After Free Vulnerability
    1007252* - PHP jui_filter_rule Parsing Library Remote Code Execution Vulnerability


    Web Application Ruby Based
    1007530* - Ruby On Rails Action View Remote Code Execution Vulnerability (CVE-2016-0752)


    Web Client Common
    1007965 - Adobe Acrobat And Reader FlateDecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability (APSB16-26) - 1
    1007966 - Adobe Acrobat And Reader FlateDecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability (APSB16-26) - 2
    1007967 - Adobe Acrobat And Reader Font Stream Parsing Multiple Out-Of-Bounds Read Information Disclosure Vulnerability (APSB16-26) - 3
    1007806 - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2016-1103)
    1007803 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1099)
    1007804 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1100)
    1007805 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1102)
    1007808 - Adobe Flash Player Type Confusion Vulnerability (CVE-2016-1105)
    1007565* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1013)
    1007802 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1097)
    1007809 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1106)
    1007810 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1109)
    1007758* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4227)
    1007880* - Microsoft PDF Remote Code Execution Vulnerability (CVE-2016-3319)
    1007936* - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2016-3373)
    1007881* - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3301)
    1007883* - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3304)
    1007951 - Microsoft XML Core Services XMLHttpRequest 'SetCookie2' Header Information Disclosure Vulnerability
    1005924* - Restrict Download Of EICAR Test File Over HTTP


    Web Client Internet Explorer/Edge
    1007615* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0191)
    1007878* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3326)
    1007428* - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-0059)
    1007896* - Microsoft Internet Explorer Information Disclosure Vulnerability Over WebDAV (CVE-2016-3321)
    1007613* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-0189)


    Web Server Common
    1007872* - HTTP Proxy Header Injection Vulnerabilities
    1007185* - Java Unserialize Remote Code Execution Vulnerability
    1007914* - Symfony Security Component Denial Of Service Vulnerability


    Web Server Miscellaneous
    1007646* - Apache Struts JRE URLDecoder Cross-Site Scripting Vulnerability (CVE-2016-4003)
    1007737* - Apache Struts Url Validator Denial Of Service Vulnerability (CVE-2016-4465)
    1005221* - Identified Suspicious Novell ZENworks Asset Management rtrlet Component Authentication Bypass


    Windows Services RPC Client
    1007913 - Identified Possible Ransomware File Extension Rename Activity Over Network Share - Client
    1007912 - Identified Possible Ransomware File Rename Activity Over Network Share - Client


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Database Oracle
    1004128* - Oracle Database Server DBMS_CDC_PUBLISH Multiple Procedure SQL Injection


    Microsoft Office
    1007736* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3284)


    Web Application PHP Based
    1007948* - Drupal RESTWS Module Page Callback Remote Code Execution Vulnerability


    Web Client Common
    1007954 - Adobe Flash Player Memory Corruption Vulnerability (APSB16-29)
    1007953 - Adobe Flash Player Multiple Security Vulnerabilities (APSB16-29)
    1007956 - Adobe Flash Player Security Bypass Vulnerability (APSB16-29)
    1007952 - Adobe Flash Player Security Bypass Vulnerability (APSB16-29) - 1
    1007757* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4226)


    Web Client Internet Explorer/Edge
    1007879* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3327)


    Web Server Apache
    1006027* - Apache HTTP Server Denial Of Service Vulnerability (CVE-2014-0098)


    Web Server Oracle
    1005315* - Oracle Database Client System Analyzer Remote Code Execution Vulnerability


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Database MySQL
    1007950 - Oracle MySQL Remote Code Execution Vulnerability (CVE-2016-6662)


    Microsoft Office
    1007939 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3357)
    1007940 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3358)
    1007941 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3359)
    1007942 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3360)
    1007943 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3362)
    1007944 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3363)
    1007945 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3364)
    1007946 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3365)
    1007947 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3381)


    Web Application PHP Based
    1007948 - Drupal RESTWS Module Page Callback Remote Code Execution Vulnerability
    1006794* - PHP 'main/rfc1867.c' Remote Denial Of Service Vulnerability


    Web Client Common
    1007631* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 10
    1007629* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 6
    1007515* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1001)
    1007938 - Microsoft GDI Elevation Of Privilege Vulnerability (CVE-2016-3355)
    1007929 - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3370)
    1007930 - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3374)
    1007937 - Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-3348)
    1007936 - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2016-3373)
    1007931 - Microsoft Windows Information Disclosure Vulnerability (CVE-2016-3352)
    1007935 - Microsoft Windows Kernel Elevation Of Privilege Vulnerability (CVE-2016-3371)
    1007933 - Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3305)
    1007934 - Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3306)


    Web Client Internet Explorer/Edge
    1007926 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3294)
    1007923 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3325)
    1007924 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3351)
    1007920 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3247)
    1007921 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3295)
    1007922 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3297)
    1007928 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3324)
    1007657* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-3210)
    1007925 - Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2016-3375)
    1007927 - Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2016-3377)


    Web Client SSL
    1007906 - Multiple Products FalseCONNECT Vulnerability


    Web Server Common
    1007914 - Symfony Security Component Denial Of Service Vulnerability


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    RealNetworks Helix Server
    1004120* - RealNetworks Helix Server NTLM Authentication Heap Buffer Overflow Vulnerability (CVE-2010-1318)


    Suspicious Client Application Activity
    1007907 - Cisco ASA Memory Corruption Vulnerability (CVE-2016-6366)


    Web Application Ruby Based
    1005331* - Ruby On Rails XML Processor YAML Deserialization DoS


    Web Client Common
    1007630* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 5
    1007590* - Adobe Flash Player DLL Hijacking Vulnerability Over WebDAV (CVE-2016-1014)
    1007676* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-4136)
    1007452 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0959)
    1003742* - FFmpeg OGV File Format Double Free Memory Corruption
    1003747* - FFmpeg vmd_read_header Integer Overflow
    1007918 - Fortinet FortiGate Cookie Parser Buffer Overflow Vulnerability (CVE-2016-6909)
    1006532* - Identified Malicious Adobe Flash SWF File - 1
    1007919 - Microsoft .NET Framework And Silverlight Array Offset Vulnerability (CVE-2011-0664)
    1007911 - Microsoft .NET Framework XAML Browser Applications Stack Corruption (CVE-2010-3958)
    1007882* - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3303)
    1007558* - Microsoft Windows OLE Remote Code Execution Vulnerability (CVE-2016-0153)


    Web Server Miscellaneous
    1005516* - RedHat JBoss Enterprise Application Platform Block Access To Status Servlet


    Windows Services RPC Client DCERPC
    1007538* - Windows Client Port Mapper Decoder


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services
    1003080* - Server Service Vulnerability (srvsvc)


    Trend Micro OfficeScan NT Listener
    1003177* - Trend Micro OfficeScan Directory Traversal Vulnerability


    Web Application PHP Based
    1007255* - PHP SplObjectStorage Use After Free Vulnerability


    Web Client Common
    1007631* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 10
    1007819* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 4
    1007818* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 7
    1007817* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 8
    1007857 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 9
    1007632* - Adobe Acrobat And Reader Multiple Use After Free Vulnerabilities (APSB16-14) - 1
    1007824* - Adobe Acrobat And Reader Multiple Use After Free Vulnerabilities (APSB16-14) - 2
    1007825* - Adobe Acrobat And Reader Multiple Use After Free Vulnerabilities (APSB16-14) - 3
    1007675 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-4135)
    1007904 - Microsoft Windows Graphics Use After Free Vulnerability (CVE-2016-3310)


    Web Server Common
    1002593* - Allow HTTP (Including WebDAV) Methods


    Web Server Miscellaneous
    1007646 - Apache Struts JRE URLDecoder Cross-Site Scripting Vulnerability (CVE-2016-4003)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    HP OpenView Network Node Manager Web
    1003602* - HP OpenView Network Node Manager rping Stack Buffer Overflow


    Microsoft Office
    1007887 - Microsoft Graphics Component Memory Corruption Vulnerability (CVE-2016-3318)
    1007884 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3313)
    1007885 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3316)
    1007886 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3317)


    OpenSSL Client
    1006546* - OpenSSL ECDHE Downgrade Vulnerability (CVE-2014-3572)


    Suspicious Client Ransomware Activity
    1007704 - Ransomware Bucbi
    1007706 - Ransomware CRIPTODC
    1007705 - Ransomware Crilock
    1007707 - Ransomware Crypshed
    1007708 - Ransomware Democry
    1007709 - Ransomware MadLocker
    1007710 - Ransomware SNSLocker
    1007711 - Ransomware XORBAT
    1007712 - Ransomware Zcrypt


    Web Application PHP Based
    1007459 - Drupal XRDS Document Denial Of Service Vulnerability (CVE-2014-5267)
    1007252 - PHP jui_filter_rule Parsing Library Remote Code Execution Vulnerability


    Web Application Ruby Based
    1007530 - Ruby On Rails Action View Remote Code Execution Vulnerability (CVE-2016-0752)


    Web Client Common
    1007811 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4108)
    1007880 - Microsoft PDF Remote Code Execution Vulnerability (CVE-2016-3319)
    1007881 - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3301)
    1007882 - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3303)
    1007883 - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3304)


    Web Client Internet Explorer/Edge
    1007726* - Microsoft Edge Security Feature Bypass Vulnerability (CVE-2016-3244)
    1007878 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3326)
    1007879 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3327)
    1007874 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3289)
    1007876 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3293)
    1007877 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3322)
    1007896 - Microsoft Internet Explorer Information Disclosure Vulnerability Over WebDAV (CVE-2016-3321)
    1007873 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3288)
    1007875 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3290)


    Web Server Common
    1007872 - HTTP Proxy Header Injection Vulnerabilities


    Web Server Miscellaneous
    1007737 - Apache Struts Url Validator Denial Of Service Vulnerability (CVE-2016-4465)


    Windows Services RPC Client
    1007566* - Adobe Flash Player DLL Hijacking Vulnerability Over Network Share (CVE-2016-1014)
    1007897 - Microsoft Internet Explorer Information Disclosure Vulnerability Over SMB (CVE-2016-3321)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services
    1007699* - Oracle Job Scheduler Named Pipe Command Execution Vulnerability


    Directory Server LDAP
    1007460* - OpenLDAP ber_get_next Denial Of Service Vulnerability (CVE-2015-6908)


    HP OpenView Network Node Manager Web
    1003892* - Hewlett-Packard OpenView NNM Multiple Command Injection Vulnerabilities


    Port Mapper Windows
    1001033* - Windows Port Mapper Decoder


    Web Application Common
    1007715* - ImageMagick And GraphicsMagick Remote Code Execution Vulnerability (CVE-2016-5118)


    Web Client Common
    1007817 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-1037)
    1007768 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4191)
    1007769 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4192)
    1007770 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4195)
    1007771 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4196)
    1007772 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4197)
    1007773 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4198)
    1007774 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4199)
    1007775 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4200)
    1007776 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4201)
    1007777 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4202)
    1007778 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4203)
    1007779 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4204)
    1007780 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4205)
    1007781 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4206)
    1007782 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4207)
    1007783 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4208)
    1007784 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4251)
    1007785 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4252)
    1007818 - Adobe Acrobat And Reader Security Bypass Vulnerability (CVE-2016-1038)
    1007819 - Adobe Acrobat And Reader Security Bypass Vulnerability (CVE-2016-1039)
    1007824 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-1045)
    1007825 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-1046)
    1007766 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-4254)
    1007767 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-4255)
    1007765 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-4249)
    1007745 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4175)
    1007746 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4176)
    1007747 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4177)
    1007749 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4179)
    1007750 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4182)
    1007752 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4185)
    1007751 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4188)
    1007754 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4223)
    1007755 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4224)
    1007756 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4225)
    1007748 - Adobe Flash Player Security Bypass Vulnerability (CVE-2016-4178)
    1007763 - Adobe Flash Player Sensitive Data Exposure Vulnerability (CVE-2016-4232)
    1007788 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8410)
    1007789 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8411)
    1007790 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8412)
    1007797 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8413)
    1007801 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8420)
    1007800 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8421)
    1007798 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8422)
    1007796 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8423)
    1007795 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8424)
    1007786 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8425)
    1007794 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8427)
    1007793 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8428)
    1007787 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8429)
    1007791 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8430)
    1007792 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8431)
    1007743 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4173)
    1007744 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4174)
    1007753 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4222)
    1007757 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4226)
    1007758 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4227)
    1007759 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4228)
    1007760 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4229)
    1007761 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4230)
    1007762 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4231)
    1007764 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4248)
    1007799 - Adobe Flash Player Use-After-Free Vulnerability (CVE-2015-3107)
    1007621* - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2016-0169)


    Web Client Internet Explorer/Edge
    1007729* - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2016-3271)
    1007484* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0111)
    1007544* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0154)
    1007728 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3264)
    1007721* - Microsoft Internet Explorer And Edge Spoofing Vulnerability (CVE-2016-3276)


    Web Server Miscellaneous
    1007701* - Apache Struts XSLTResult Remote Code Execution Vulnerability (CVE-2016-3082)
    1007522 - JBoss Seam Parameterized EL Expressions Remote Code Execution Vulnerability


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Application Control For Web Browser
    1007376 - Application Control For Microsoft Edge Web Browser


    DCERPC Services
    1007699 - Oracle Job Scheduler Named Pipe Command Execution Vulnerability


    Directory Server LDAP
    1007460 - OpenLDAP ber_get_next Denial Of Service Vulnerability (CVE-2015-6908)


    Mail Server Common
    1000834* - SMTP Decoding


    Microsoft Office
    1007732 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3280)
    1007733 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3281)
    1007734 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3282)
    1007735 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3283)
    1007736 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3284)
    1007731 - Microsoft Office Remote Code Execution Vulnerability (CVE-2016-3279)


    Suspicious Client Ransomware Activity
    1007534* - Ransomware Crydap
    1007578* - Ransomware CryptFile
    1007576* - Ransomware Cryptesla
    1007579* - Ransomware HTTP Request
    1007577* - Ransomware Hydra
    1007581* - Ransomware Lectool
    1007602* - Ransomware Locky
    1007601* - Ransomware TCP Request


    Suspicious Server Ransomware Activity
    1007580* - Ransomware HTTP Request-1
    1007582* - Ransomware Lectool-1
    1007533* - Ransomware TCP Request-1


    Web Application Common
    1007715 - ImageMagick And GraphicsMagick Remote Code Execution Vulnerability (CVE-2016-5118)


    Web Application PHP Based
    1007298* - Joomla Core Remote Code Execution Vulnerability (CVE-2015-8562)
    1007254 - PHP SplDoublyLinkedList Use After Free Vulnerability


    Web Client Common
    1007629* - Adobe Acrobat And Reader Integer Overflow Vulnerability (CVE-2016-1043)
    1007519* - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-1010)
    1006921* - Adobe Flash Player Null Pointer Dereference Vulnerability (CVE-2015-3126)
    1006922* - Adobe Flash Player Null Pointer Dereference Vulnerability (CVE-2015-4429)
    1006657* - Adobe Flash Player Remote Integer Overflow Vulnerability (CVE-2014-0569) - 2
    1006979* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5559)
    1006599* - Identified Suspicious Obfuscated JavaScript - 3
    1007738 - ImageMagick And GraphicsMagick Remote Code Execution Vulnerability (CVE-2016-5118) - 1
    1005403* - Libxml2 Entity Expansion Denial Of Service Vulnerability
    1004091* - Oracle JRE Java Platform SE And Java Deployment Toolkit Plugins Code Execution Vulnerabilities


    Web Client Internet Explorer/Edge
    1007662* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3222)
    1007727 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3246)
    1007729 - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2016-3271)
    1007647 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-0186)
    1007726 - Microsoft Edge Security Feature Bypass Vulnerability (CVE-2016-3244)
    1007725 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3277)
    1007723 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-3259)
    1007722 - Microsoft Internet Explorer And Edge Spoofing Vulnerability (CVE-2016-3274)
    1007721 - Microsoft Internet Explorer And Edge Spoofing Vulnerability (CVE-2016-3276)
    1007720 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3261)
    1007716 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3240)
    1007717 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3241)
    1007724 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3242)
    1007718 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3243)


    Web Server Common
    1000128* - HTTP Protocol Decoding


    Web Server Miscellaneous
    1007603* - Apache Struts Dynamic Method Invocation Remote Code Execution Vulnerability (CVE-2016-3081)
    1007694* - Apache Struts REST Plugin DMI Remote Code Execution Vulnerability (CVE-2016-3087)
    1007702* - Apache Struts REST Plugin Remote Code Execution Vulnerability (CVE-2016-4438)
    1007058 - LANDesk Management Suite Multiple Remote File Inclusion Vulnerabilities


    Web Server SAP
    1005576* - SAP NetWeaver BW - XML External Entity Vulnerability


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    1002831* - Unix - Syslog
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services
    1007596* - Identified Possible Ransomware File Extension Rename Activity Over Network Share
    1007598* - Identified Possible Ransomware File Rename Activity Over Network Share
    1006906* - Identified Usage Of PsExec Command Line Tool


    NetBIOS Name Service
    1007658 - Identified Too Many NBNS Response
    1007700 - Identified WPAD NBNS Response From Suspicious Host


    ODBC Server CitectSCADA
    1002855* - CitectSCADA ODBC Server Remote Stack Buffer Overflow


    Suspicious Client Application Activity
    1007578* - Ransomware CryptFile


    Unix CVS
    1000511* - CVS Annotate Command Long Revision String Buffer Overflow


    Web Client Common
    1007678 - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2016-4138)
    1007697 - Adobe Flash Player DLL Hijacking Vulnerability Over WebDAV (CVE-2016-4140)
    1007676 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-4136)
    1007673 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4132)
    1007674 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4133)
    1007679 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4141)
    1007687 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4150)
    1007688 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4151)
    1007689 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4152)
    1007690 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4153)
    1007691 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4154)
    1007692 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4155)
    1007693 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4156)
    1007682 - Adobe Flash Player Type Confusion Vulnerability (CVE-2016-4144)
    1007686 - Adobe Flash Player Type Confusion Vulnerability (CVE-2016-4149)
    1007672 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4121)
    1007680 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4142)
    1007681 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4143)
    1007683 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4146)
    1007684 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4147)
    1007685 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4148)
    1007489* - Microsoft Windows OLE Memory Remote Code Execution Vulnerability (CVE-2016-0091)
    1007490* - Microsoft Windows OLE Memory Remote Code Execution Vulnerability (CVE-2016-0092)


    Web Client Internet Explorer/Edge
    1007652* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0199)


    Web Server Miscellaneous
    1004007* - Adobe BlazeDS XML Injection And XML External Entity Injection Vulnerabilities
    1007694 - Apache Struts REST Plugin DMI Remote Code Execution Vulnerability (CVE-2016-3087)
    1007702 - Apache Struts REST Plugin Remote Code Execution Vulnerability (CVE-2016-4438)
    1007701 - Apache Struts XSLTResult Remote Code Execution Vulnerability (CVE-2016-3082)


    Windows Services RPC Client
    1007695 - Adobe Flash Player DLL Hijacking Vulnerability Over Network Share (CVE-2016-4140)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    1002831* - Unix - Syslog