Rule Update

20-016 (March 31, 2020)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services - Client
1010201 - Microsoft Windows LNK Remote Code Execution Vulnerability Over SMB (CVE-2020-0729)


Microsoft Host Integration Server SnaBase Service
1004683* - Microsoft Host Integration Server snabase.exe Memory Access Error


Microsoft Office
1010208 - Microsoft Office Excel Linked List Corruption Vulnerability (CVE-2011-0979)
1010209 - Microsoft Office Excel Remote Code Execution Vulnerability (CVE-2011-0980)


Web Application Common
1010196 - Identified Suspicious .NET Serialized Object
1010183* - Microsoft Exchange Validation Key Remote Code Execution Vulnerability (CVE-2020-0688)
1010199* - Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability (CVE-2020-0618)


Web Client Common
1010193* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB20-13)
1010211 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB20-13) - 1
1010182* - Google Chrome Type Confusion Vulnerability (CVE-2020-6418)
1010200 - Microsoft Windows LNK Remote Code Execution Vulnerability Over WebDAV (CVE-2020-0729)


Web Server Common
1010097* - CMS Made Simple (CMSMS) Remote Code Execution Vulnerability (CVE-2019-9692)
1010178* - Cisco Data Center Network Manager Directory Traversal Vulnerability (CVE-2019-15981)


Web Server Squid
1010177 - Squid Proxy HTTP Request Processing Buffer Overflow Vulnerability (CVE-2020-8450)


Integrity Monitoring Rules:

1007210* - TMTR-0018: Suspicious Files Detected In User Profile Directory
1010138* - Trend Micro Apex One And OfficeScan Directory Traversal Vulnerability (CVE-2019-9489)
1003020* - Trend Micro Deep Security Manager


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.