Microsoft addresses several vulnerabilities in its April batch of patches:
The following Trend Micro products have released specific rules for CVE-2017-0199:
Product | Rule Name |
Deep Discovery Inspector | DDI Rule 18: DNS response of a queried malware Command and Control domain |
TippingPoint | 27726: HTTP: Microsoft Word RTF objautlink Memory Corruption Vulnerability |
TippingPoint | 27841: HTTP: RTF File Implementing objautlink and URL Monikers |
TippingPoint | 27841: HTTP: RTF File Implementing objautlink and URL Monikers |
Smart Home Network Security | 1133594 FILE Microsoft Outlook Remote Code Execution Vulnerability (CVE-2017-0199) |
Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection product or OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities.
Vulnerability ID | DPI Rule Number | DPI Rule Name | Release Date | Vulnerability Protection and IDF Compatibility |
CVE-2017-0199 | 1008285 | Microsoft Word Remote Code Execution Vulnerability (CVE-2017-0199) | 11-Apr-17 | YES |
CVE-2017-0158 | 1008275 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2017-0158) | 11-Apr-17 | YES |
CVE-2017-0208 | 1008291 | Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2017-0208) | 11-Apr-17 | YES |
CVE-2017-0202 | 1008288 | Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2017-0202) | 11-Apr-17 | YES |
CVE-2017-0205 | 1008290 | Microsoft Edge Memory Corruption Vulnerability (CVE-2017-0205) | 11-Apr-17 | YES |
CVE-2017-0192 | 1008290 | Microsoft Edge Memory Corruption Vulnerability (CVE-2017-0205) | 11-Apr-17 | YES |
CVE-2017-0200 | 1008286 | Microsoft Edge Memory Corruption Vulnerability (CVE-2017-0200) | 11-Apr-17 | YES |
CVE-2017-0166 | 1008278 | Microsoft LDAP Elevation Of Privilege Vulnerability (CVE-2017-0166) | 11-Apr-17 | YES |
CVE-2017-0197 | 1008284 | Microsoft Office DLL Loading Vulnerability Over Network Share (CVE-2017-0197) | 11-Apr-17 | YES |
CVE-2017-0197 | 1008292 | Microsoft Office DLL Loading Vulnerability Over WebDAV (CVE-2017-0197) | 11-Apr-17 | YES |
CVE-2017-0201 | 1008287 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2017-0201) | 11-Apr-17 | YES |
CVE-2017-0155 | 1008274 | Microsoft Windows Multiple Security Vulnerabilities (April-2017) | 11-Apr-17 | YES |
CVE-2017-0160 | 1008274 | Microsoft Windows Multiple Security Vulnerabilities (April-2017) | 11-Apr-17 | YES |
CVE-2017-0165 | 1008274 | Microsoft Windows Multiple Security Vulnerabilities (April-2017) | 11-Apr-17 | YES |
CVE-2017-0167 | 1008274 | Microsoft Windows Multiple Security Vulnerabilities (April-2017) | 11-Apr-17 | YES |
CVE-2017-0188 | 1008274 | Microsoft Windows Multiple Security Vulnerabilities (April-2017) | 11-Apr-17 | YES |
CVE-2017-0189 | 1008274 | Microsoft Windows Multiple Security Vulnerabilities (April-2017) | 11-Apr-17 | YES |
CVE-2017-0211 | 1008274 | Microsoft Windows Multiple Security Vulnerabilities (April-2017) | 11-Apr-17 | YES |
CVE-2017-0156 | 1008274 | Microsoft Windows Multiple Security Vulnerabilities (April-2017) | 11-Apr-17 | YES |
CVE-2017-0210 | 1008294 | Microsoft Internet Explorer Elevation Of Privilege Vulnerability (CVE-2017-0210) | 11-Apr-17 | YES |
CVE-2017-0194 | 1008283 | Microsoft Office Memory Corruption Vulnerability (CVE-2017-0194) | 11-Apr-17 | YES |