Trend Micro Deep Security™ and related information on DPI rules, etc.

  • Rule Update: 16-009 (April 12, 2016)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Application Control For File Sharing
    1007463* - Application Control For Microsoft OneDrive


    Backup Server IBM Tivoli Storage Manager FastBack Server
    1007353 - IBM Tivoli Storage Manager FastBack Server Opcode 1301 Remote Code Execution Vulnerability
    1007365 - IBM Tivoli Storage Manager FastBack Server Opcode 1335 Remote Code Execution Vulnerability


    Microsoft Office
    1007555 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0122)
    1007556 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0127)
    1007557 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0136)
    1007560 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0139)


    OpenSSL
    1007072* - GNU Libtasn1 'decoding.c' Heap Buffer Overflow Vulnerability (CVE-2015-3622)


    Port Mapper Windows
    1001033* - Windows Port Mapper Decoder


    Suspicious Client Application Activity
    1007576 - Ransomware Cryptesla
    1007577 - Ransomware Hydra
    1007581 - Ransomware Lectool


    Suspicious Server Application Activity
    1007582 - Ransomware Lectool-1


    Unix Samba Client
    1007584 - SAMBA RPC Authentication Level Downgrade Vulnerability


    Unix Samba Client DCERPC
    1007586 - SAMBA RPC Authentication Level Downgrade Vulnerability - 1
    1007585 - Unix Samba Client Port Mapper Decoder


    Unix Samba Server DCERPC
    1007593 - Identified SAMBA DCERPC AUTH LEVEL CONNECT Password Validate Request
    1007588 - Unix Samba Server Port Mapper Decoder


    Web Application Common
    1000608* - Generic SQL Injection Prevention


    Web Client Common
    1007570 - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2016-1018)
    1007590 - Adobe Flash Player DLL Hijacking Vulnerability Over WebDAV (CVE-2016-1014)
    1007564 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1012)
    1007572* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2016-1019)
    1007562 - Adobe Flash Player Security Bypass Vulnerability (CVE-2016-1006)
    1007567 - Adobe Flash Player Type Confusion Vulnerability (CVE-2016-1015)
    1007563 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1011)
    1007565 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1013)
    1007568 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1016)
    1007569 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1017)
    1006532* - Identified Malicious Adobe Flash SWF File - 1
    1007591 - Microsoft Windows DLL Loading Vulnerabilities Over WebDAV (CVE-2016-0160 and CVE-2016-0148)
    1007370* - Microsoft Windows DLL Loading Vulnerabilities Over WebDAV (MS16-007)
    1007553 - Microsoft Windows Graphics Memory Corruption Vulnerability (CVE-2016-0145)
    1007558 - Microsoft Windows OLE Remote Code Execution Vulnerability (CVE-2016-0153)
    1007526 - Oracle Java SE Remote Code Execution Vulnerability (CVE-2016-0636)


    Web Client Internet Explorer/Edge
    1007551 - Microsoft Edge Elevation Of Privilege Vulnerability (CVE-2016-0158)
    1007552 - Microsoft Edge Elevation Of Privilege Vulnerability (CVE-2016-0161)
    1007548 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0155)
    1007549 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0156)
    1007550 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0157)
    1007544 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0154)
    1007545 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0159)
    1007546 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0164)
    1007547 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0166)
    1007554 - Microsoft Windows MSXML Remote Code Execution Vulnerability (CVE-2016-0147)


    Web Client SSL
    1006606* - Identified Fraudulent Digital Certificate - 1


    Web Server Miscellaneous
    1004189* - RedHat JBoss Enterprise Application Platform JMX Console Authentication Bypass


    Web Server Oracle Report Server
    1000502* - Oracle Reports OS Command Injection Attempt


    Windows Services RPC Client
    1007566 - Adobe Flash Player DLL Hijacking Vulnerability Over Network Share (CVE-2016-1014)
    1007592 - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (CVE-2016-0160 and CVE-2016-0148)
    1007369* - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS16-007)
    1007531 - Microsoft Windows RPC Downgrade Vulnerability (CVE-2016-0128)


    Windows Services RPC Client DCERPC
    1007539 - Microsoft Windows RPC Downgrade Vulnerability (CVE-2016-0128) - 1
    1007538 - Windows Client Port Mapper Decoder


    Windows Services RPC Server DCERPC
    1007561 - Identified Windows DCERPC AUTH LEVEL CONNECT Password Validate Request


    Integrity Monitoring Rules:

    1005041* - Malware - Suspicious Microsoft Windows Files Detected


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 16-008 (April 7, 2016)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Client Common
    1007572 - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2016-1019)
    1006532* - Identified Malicious Adobe Flash SWF File - 1


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 16-007 (March 22, 2016)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Backup Server IBM Tivoli Storage Manager FastBack Mount
    1007271* - IBM Tivoli Storage Manager FastBack Buffer Overflow Vulnerability (CVE-2015-0120)
    1007349* - IBM Tivoli Storage Manager FastBack Mount Stack Buffer Overflow Vulnerability (CVE-2015-0119)


    Backup Server IBM Tivoli Storage Manager FastBack Server
    1007351 - IBM Tivoli Storage Manager FastBack Command Execution Vulnerability (CVE-2015-1949)
    1007357 - IBM Tivoli Storage Manager FastBack Server Buffer Overflow (CVE-2015-1929)
    1007356 - IBM Tivoli Storage Manager FastBack Server Buffer Overflow Vulnerability (CVE-2015-1924)
    1007355* - IBM Tivoli Storage Manager FastBack Server Command Injection Vulnerabilities
    1007352 - IBM Tivoli Storage Manager FastBack Server Information Disclosure Vulnerability (CVE-2015-1941)
    1007354 - IBM Tivoli Storage Manager FastBack Server Memory Corruption Vulnerability
    1007464 - IBM Tivoli Storage Manager FastBack Stack Buffer Overflow Vulnerability (CVE-2015-4931)


    Mail Server Miscellaneous
    1006020* - Mercury Mail Transport System AUTH CRAM-MD5 Buffer Overflow Vulnerability


    Microsoft Office
    1007419* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0052)


    Shellcode
    1001183* - Identified Suspicious Usage Of Shellcode


    Web Application Common
    1007518 - Identified Reflected File Download Attack


    Web Application PHP Based
    1007272 - PHP SPL ArrayObject Use After Free Vulnerability
    1007255 - PHP SplObjectStorage Use After Free Vulnerability
    1007135* - WordPress XMLRPC 'system.multicall' Brute Force Amplification Attack


    Web Application Tomcat
    1005929* - Apache Tomcat Commons UploadFile Denial Of Service Vulnerability


    Web Client Common
    1007493 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-1007)
    1007495 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-1009)
    1007516 - Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability Over WebDAV (CVE-2016-1008)
    1007515 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1001)
    1007496 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-0963)
    1007511 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-0993)
    1007519* - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-1010)
    1007497* - Adobe Flash Player Memory Corruption Vulnerabilities
    1007501 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0960)
    1007500 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0961)
    1007499 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0962)
    1007505 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0986)
    1007508 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0989)
    1007506 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0987)
    1007507 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0988)
    1007509 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0990)
    1007510 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0991)
    1007512 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0994)
    1007513 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0995)
    1007514 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0996)
    1007136 - Apple Quicktime 'stbl' Remote Code Execution Vulnerability
    1007095 - Apple Quicktime Heap Overflow Vulnerability (CVE-2015-3668)
    1007523 - Libxml2 Out Of Bound Read Multiple Information Disclosure Vulnerabilities (CVE-2015-7941)
    1007368* - Microsoft DirectShow Heap Corruption Vulnerability (CVE-2016-0015)
    1007223 - Microsoft GS Wavetable Synth Memory Corruption Vulnerability
    1007366* - Microsoft Silverlight Runtime Remote Code Execution Vulnerability (CVE-2016-0034)
    1007427* - Microsoft Windows DLL Loading Vulnerabilities Over WebDAV (MS16-014)
    1003589* - Sun Java Runtime Environment And Java Development Kit Security Vulnerability


    Web Client Internet Explorer/Edge
    1007406* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0061)
    1007462 - Microsoft Internet Explorer GetCommonAncestorElement Denial Of Service Vulnerability
    1007473* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0108)
    1007477* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0113)


    Web Server Common
    1007222 - WordPress Ajax Load More Plugin File Upload Vulnerability


    Web Server Oracle
    1007204 - Oracle WebLogic Server Java Deserialization Objects Remote Code Execution Vulnerability


    Windows Services RPC Client
    1007494 - Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability (CVE-2016-1008)
    1007381* - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS15-132)
    1007426* - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS16-014)


    Integrity Monitoring Rules:

    1005041* - Malware - Suspicious Microsoft Windows Files Detected
    1005042* - Malware - Suspicious Microsoft Windows Registry Entries Detected


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 16-006 (March 8, 2016)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Application Control For File Sharing
    1007463 - Application Control For Microsoft OneDrive


    Backup Server IBM Tivoli Storage Manager FastBack Mount
    1007271 - IBM Tivoli Storage Manager FastBack Buffer Overflow Vulnerability (CVE-2015-0120)
    1007349 - IBM Tivoli Storage Manager FastBack Mount Stack Buffer Overflow Vulnerability (CVE-2015-0119)
    1007329* - IBM Tivoli Storage Manager FastBack Stack Based Buffer Overflow Vulnerability (CVE-2015-1896)


    Backup Server IBM Tivoli Storage Manager FastBack Server
    1007355 - IBM Tivoli Storage Manager FastBack Server Command Injection Vulnerabilities
    1007350* - IBM Tivoli Storage Manager FastBack Server Opcode 1332 Buffer Overflow (CVE-2015-1925)


    Database Oracle
    1002839* - Oracle Database Server SQL Injection In DBMS_DEFER_SYS.DELETE_TRAN Package
    1003223* - Oracle SYS.LT.COMPRESSWORKSPACETREE SQL Injection


    Microsoft Office
    1007488 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0021)
    1007517 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0134)


    OpenSSL Client
    1006920* - OpenSSL Client X509_cmp_time Denial Of Service Vulnerability (CVE-2015-1789)


    RADIUS Server
    1007455* - Microsoft Windows Network Policy Server RADIUS Implementation DOS Vulnerability (CVE-2016-0050)


    Web Application PHP Based
    1007403* - Drupal Core Host Header Handler Denial Of Service Vulnerability (CVE-2014-5019)


    Web Client Common
    1007519 - Adobe Flash Player Integer Overflow Vulnerability
    1007497 - Adobe Flash Player Memory Corruption Vulnerabilities
    1007504 - Adobe Flash Player Multiple Memory Corruption Vulnerabilities
    1007483 - Microsoft Windows Media Player Parsing Remote Code Execution Vulnerability (CVE-2016-0098)
    1007485 - Microsoft Windows Media Player Parsing Remote Code Execution Vulnerability (CVE-2016-0101)
    1007489 - Microsoft Windows OLE Memory Remote Code Execution Vulnerability (CVE-2016-0091)
    1007490 - Microsoft Windows OLE Memory Remote Code Execution Vulnerability (CVE-2016-0092)
    1007482 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2016-0121)
    1007486 - Microsoft Windows PDF Library Remote Code Execution Vulnerability (CVE-2016-0117)
    1007487 - Microsoft Windows PDF Library Remote Code Execution Vulnerability (CVE-2016-0118)


    Web Client Internet Explorer/Edge
    1007481 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0123)
    1007492 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0124)
    1007467 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0102)
    1007470 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0105)
    1007474 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0109)
    1007475 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0110)
    1007484 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0111)
    1007144* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6071)
    1007468 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0103)
    1007469 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0104)
    1007471 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0106)
    1007472 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0107)
    1007473 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0108)
    1007476 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0112)
    1007477 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0113)
    1007478 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0114)
    1007366* - Microsoft Silverlight Runtime Remote Code Execution Vulnerability (CVE-2016-0034)


    Web Server Common
    1000128* - HTTP Protocol Decoding


    Web Server HTTPS
    1007491 - Identified Usage Of EXPORT Cipher Suite In SSLv2 Connection


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 16-005 (February 23, 2016)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Backup Server IBM Tivoli Storage Manager FastBack Mount
    1007329 - IBM Tivoli Storage Manager FastBack Stack Based Buffer Overflow Vulnerability (CVE-2015-1896)


    Backup Server IBM Tivoli Storage Manager FastBack Server
    1007350 - IBM Tivoli Storage Manager FastBack Server Opcode 1332 Buffer Overflow (CVE-2015-1925)


    DNS Client
    1007377* - ISC BIND DNSSEC Key Handler Denial Of Service Vulnerability (CVE-2015-5722)
    1007424* - ISC BIND OPT Pseudo-RR Data And ECS Options Denial Of Service Vulnerability (CVE-2015-8705)


    Elasticsearch
    1007301* - Elasticsearch Remote Code Execution Vulnerability (CVE-2015-5377)


    Mail Server Common
    1005344* - POP3 Mail Server Possible Brute Force Attempt


    Microsoft Office
    1007418* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0022)
    1006771* - Microsoft Office Uninitialized Memory Use Vulnerability (CVE-2015-1770)


    RADIUS Server
    1007455 - Microsoft Windows Network Policy Server RADIUS Implementation DOS Vulnerability (CVE-2016-0050)


    Web Application PHP Based
    1007404* - Drupal Core Denial Of Service Vulnerability (CVE-2014-9016)
    1007403 - Drupal Core Host Header Handler Denial Of Service Vulnerability (CVE-2014-5019)


    Web Client Common
    1007440 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-0971)
    1007330* - Adobe Flash Player Integer Overflow Vulnerability (CVE-2015-8651)
    1007445 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-0976)
    1007433 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0964)
    1007434 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0965)
    1007435 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0966)
    1007436 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0967)
    1007437 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0968)
    1007438 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0969)
    1007439 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0970)
    1007441 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0972)
    1007446 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0977)
    1007447 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0978)
    1007448 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0979)
    1007449 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0981)
    1007454 - Adobe Flash Player Type Confusion Vulnerability (CVE-2016-0985)
    1006468* - Adobe Flash Player Unspecified Vulnerability (CVE-2015-0313)
    1007442 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0973)
    1007443 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0974)
    1007444 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0975)
    1007450 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0982)
    1007451 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0983)
    1007453 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0984)
    1007359 - Adobe Reader And Acrobat PDF Parsing Memory Corruption Vulnerability (CVE-2015-7622)
    1006532* - Identified Malicious Adobe Flash SWF File - 1


    Web Client Internet Explorer/Edge
    1007227* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2015-6140)
    1007407* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0063)


    Integrity Monitoring Rules:

    1005041* - Malware - Suspicious Microsoft Windows Files Detected
    1006801* - TMTR-0004: Suspicious Files Detected In Operating System Directories
    1007210* - TMTR-0018: Suspicious Files Detected In User Profile Directory
    1003019* - Trend Micro Deep Security Agent / Relay


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 16-004 (February 18, 2016)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DNS Client
    1007457 - Allowed DNS Resolvers
    1007456 - DNS Malformed Response Detected
    1007458 - glibc getaddrinfo Stack Based Buffer Overflow Vulnerability (CVE-2015-7547)


    Windows Services RPC Server
    1007432 - Microsoft Windows Server Message Block Memory Corruption Vulnerability (CVE-2015-2474)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 16-003 (February 9, 2016)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DNS Client
    1007402 - ISC BIND APL Data Buffer Overflow Vulnerability (CVE-2015-8704)
    1007377 - ISC BIND DNSSEC Key Handler Denial Of Service Vulnerability (CVE-2015-5722)
    1007424 - ISC BIND OPT Pseudo-RR Data And ECS Options Denial Of Service Vulnerability (CVE-2015-8705)


    Elasticsearch
    1007301 - Elasticsearch Remote Code Execution Vulnerability (CVE-2015-5377)


    Microsoft Office
    1006623* - Microsoft Office Memory Corruption Vulnerability (CVE-2015-1641)
    1007418 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0022)
    1007419 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0052)
    1007420 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0053)
    1007421 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0054)
    1007422 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0055)
    1007423 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0056)


    SSL/TLS Server
    1007379* - TLS1.2 Signature Hash Algorithm Downgrade Attack Used In SLOTH - Server


    TFTP Server
    1000966* - TFTP Commands Argument Length And Directory Traversal Restriction


    Web Application PHP Based
    1007404 - Drupal Core Denial Of Service Vulnerability (CVE-2014-9016)


    Web Client Common
    1006980* - Adobe Flash Player Integer Overflow Vulnerability (CVE-2015-5560)
    1007401 - Google Chrome Same-Origin-Policy Security Bypass Vulnerability (CVE-2015-1267)
    1007416 - Microsoft PDF Library Buffer Overflow Vulnerability (CVE-2016-0058)
    1007427 - Microsoft Windows DLL Loading Vulnerabilities Over WebDAV (MS16-014)
    1007250* - Microsoft Windows Integer Underflow Vulnerability (CVE-2015-6130)
    1007417 - Microsoft Windows Journal Memory Corruption vulnerability (CVE-2016-0038)
    1007415 - Microsoft Windows Reader Vulnerability (CVE-2016-0046)


    Web Client Internet Explorer/Edge
    1007431 - Microsoft Edge ASLR Bypass Vulnerability (CVE-2016-0080)
    1007378* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0024)
    1007405 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0060)
    1007406 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0061)
    1007429 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0062)
    1007410 - Microsoft Internet Explorer Elevation Of Privilege Vulnerability (CVE-2016-0068)
    1007428 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-0059)
    1007177* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6086)
    1007407 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0063)
    1007408 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0064)
    1007409 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0067)
    1007411 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0071)
    1007412 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0072)


    Web Client SSL
    1006606* - Identified Fraudulent Digital Certificate - 1


    Web Server IIS
    1007430 - Microsoft .NET Framework Stack Overflow Denial Of Service Vulnerability (CVE-2016-0033)


    Windows Services RPC Client
    1007381 - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS15-132)
    1007426 - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS16-014)


    Integrity Monitoring Rules:

    1004950* - Microsoft Visual Studio - New Add-In Created
    1003019* - Trend Micro Deep Security Agent / Relay


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 16-002 (January 26, 2016)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    OpenSSL
    1007328* - OpenSSL Certificate Missing PSS Parameter Denial Of Service Vulnerability (CVE-2015-3194)


    SSL Client
    1007382 - Identified MD5 Hash Algorithm In TLS Server Key Exchange Traffic - Client
    1007384 - TLS1.2 Signature Hash Algorithm Downgrade Attack Used In SLOTH - Client


    SSL/TLS Server
    1007380 - Identified MD5 Hash Algorithm In TLS Server Key Exchange Traffic - Server
    1007379* - TLS1.2 Signature Hash Algorithm Downgrade Attack Used In SLOTH - Server


    Web Client Common
    1007385 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-0931)
    1007387 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-0933)
    1007398 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-0936)
    1007390 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-0938)
    1007391 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-0939)
    1007395 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-0944)
    1007396 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-0945)
    1007397 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-0946)
    1007394 - Adobe Acrobat And Reader Security Bypass Vulnerability (CVE-2016-0943)
    1007386 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-0932)
    1007388 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-0934)
    1007389 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-0937)
    1007392 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-0940)
    1007393 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-0941)
    1007368* - Microsoft DirectShow Heap Corruption Vulnerability (CVE-2016-0015)
    1007250* - Microsoft Windows Integer Underflow Vulnerability (CVE-2015-6130)
    1007287* - Microsoft Windows Library Loading Remote Code Execution Vulnerability Over WebDAV (CVE-2015-6128)
    1007288* - Microsoft Windows Library Loading Remote Code Execution Vulnerability Over WebDAV (CVE-2015-6132)
    1007284* - Microsoft Windows Library Loading Remote Code Execution Vulnerability Over WebDAV (CVE-2015-6133)
    1007179 - Oracle Java Runtime Environment TTF/Type1 Font Multiple NULL Pointer Dereferences Vulnerabilities


    Web Client Internet Explorer/Edge
    1007225* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2015-6136)
    1007362* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-0002)


    Web Server Common
    1005496* - Identified HTTP Request Smuggling Attack


    Web Server Miscellaneous
    1007060 - Red Hat JBoss RichFaces Remote Code Execution Vulnerability (CVE-2015-0279)


    Integrity Monitoring Rules:

    1003020* - Trend Micro Deep Security Manager


    Log Inspection Rules:

    1002828* - Application - Secure Shell Daemon (SSHD)
  • Rule Update: 16-001 (January 12, 2016)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Application Control For Web Browser
    1002996* - Application Control For Google Chrome Web Browser


    DNS Client
    1007297* - Microsoft Windows DNS Use After Free Vulnerability (CVE-2015-6125)


    Microsoft Office
    1007374 - Microsoft Office ASLR Bypass Vulnerability (CVE-2016-0012)
    1007373 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0010)
    1007375 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0035)


    OpenSSL
    1007328 - OpenSSL Certificate Missing PSS Parameter Denial Of Service Vulnerability (CVE-2015-3194)


    SSL/TLS Server
    1007379 - SLOTH - Security Losses From Obsolete And Truncated Transcript Hashes Attack On TLS Server


    Web Application Common
    1007170* - Identified Suspicious China Chopper Webshell Communication


    Web Client Common
    1006977* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5557)
    1004715* - HTTP Web Client Decoding
    1006073* - Heuristic Detection Of Malicious PDF Documents - 6
    1007119* - Identified Malicious Adobe Flash SWF File - 2
    1006882* - Identified Suspicious Obfuscated JavaScript - 4
    1007368 - Microsoft DirectShow Heap Corruption Vulnerability (CVE-2016-0015)
    1007364 - Microsoft Windows ASLR Bypass Vulnerability (CVE-2016-0008)
    1007370 - Microsoft Windows DLL Loading Vulnerabilities Over WebDAV (MS16-007)
    1007062 - Mozilla Firefox Arbitrary JavaScript Execution Vulnerability (CVE-2015-0802)


    Web Client Internet Explorer/Edge
    1007372 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0003)
    1007378 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0024)
    1007229* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2015-6142)
    1007244* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2015-6159)
    1007363 - Microsoft Internet Explorer Same Origin Policy Bypass Vulnerability (CVE-2016-0005)
    1007362 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-0002)
    1007366 - Microsoft Silverlight Runtime Remote Code Execution Vulnerability (CVE-2016-0034)


    Web Server RealVNC
    1006884* - libvncserver Denial Of Service Vulnerability (CVE-2014-6054)


    Windows Services RPC Client
    1007369 - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS16-007)


    Integrity Monitoring Rules:

    1003533* - Application - OpenSSH
    1003354* - Mail Server - Sendmail


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-039 (December 30, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Application Control For Winny P2P
    1003086* - Application Control For Winny


    Web Application PHP Based
    1007298* - Joomla Core Remote Code Execution Vulnerability (CVE-2015-8562)


    Web Client Common
    1007330 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2015-8651)
    1007331 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-8459)
    1007332 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-8460)
    1007335 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-8636)
    1007343 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-8645)
    1007342 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-8644)
    1007188* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-7652)
    1007333 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8634)
    1007334 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8635)
    1007336 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8638)
    1007337 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8639)
    1007338 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8640)
    1007339 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8641)
    1007340 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8642)
    1007341 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8643)
    1007344 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8646)
    1007345 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8647)
    1007346 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8648)
    1007347 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8649)
    1007348 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8650)


    Integrity Monitoring Rules:

    1006802* - TMTR-0003: Suspicious Files Detected In Operating System Directories


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.