CRITICAL: This X-Press Update™ product enhancement (XPU) 24.4, featuring Virtual Patch ™ technology, includes 30 new events including added coverage for detection of spyware applications, and vulnerabilities in the SOAP protocol. Also in this XPU are 12 security content updates. Blocking for 27 existing events has been enabled including critical issues with Microsoft Exchange server and the NT TCP/IP stack. Please see the X-Force Advisories http://xforce.iss.net/xforce/alerts/id/192 and http://xforce.iss.net/xforce/alerts/id/193 for additional information.
Checks:
| Risk | VulnID | Check Name | Category |
| High | 14411 | Spyware_PH_MarketScore | Suspicious Activity |
| High | 15650 | MSRPC_Svcctl_Remote_Control | Unauthorized Access Attempt |
| High | 15650 | MSRPC_Svcctl_Remote_Query | Unauthorized Access Attempt |
| Medium | 18576 | HTTP_Media_Player_setItemInfo_CodeExec | Unauthorized Access Attempt |
| High | 18912 | HTTP_AWStats_PluginMode_Exec | Unauthorized Access Attempt |
| High | 19058 | HTTP_AWStats_ConfigDir_Exec | Unauthorized Access Attempt |
| Medium | 19060 | HTTP_Squid_Cache_Poisoning | Unauthorized Access Attempt |
| Low | 19062 | DNS_DNSSEC_Type_Mismatch | Denial of Service |
| Medium | 19236 | HTML_URL_Homograph | Unauthorized Access Attempt |
| High | 19339 | HTTP_AWStats_LoadPlugin | Unauthorized Access Attempt |
| Medium | 19386 | ICMP_PingTunnel_Detected | Suspicious Activity |
| High | 19704 | ICMPv6_Malformed_Option_Segment | Unauthorized Access Attempt |
| High | 19705 | PlugAndPlay_BO | Unauthorized Access Attempt |
| High | 19705 | PlugAndPlay_DoS | Unauthorized Access Attempt |
| Low | 19731 | SIP_Large_Content_Length | Suspicious Activity |
| Low | 19732 | SIP_Long_Header_Value | Suspicious Activity |
| Low | 19733 | SIP_Long_Request_URI | Suspicious Activity |
| Low | 19734 | SIP_Long_Header_Name | Suspicious Activity |
| Low | 19767 | SIP_Content_Length_Mismatch | Suspicious Activity |
| Low | 19768 | SIP_Blank_Header_Value | Suspicious Activity |
| Low | 19770 | SIP_Large_Max_Forwards | Suspicious Activity |
| Medium | 19812 | HTML_Element_Filename_Traversal | Unauthorized Access Attempt |
| High | 19829 | MSRPC_MSMQ_Overflow | Unauthorized Access Attempt |
| High | 19835 | Content_RAR_Missing_Extension | Unauthorized Access Attempt |
| High | 19835 | Content_Incorrect_Extension | Unauthorized Access Attempt |
| High | 19841 | HTML_Hostname_Overflow | Unauthorized Access Attempt |
| Medium | 19944 | SOAP_AccessDenied | Unauthorized Access Attempt |
| Low | 19963 | SOAP_Envelope_Overflow | Denial of Service |
| Low | 19986 | SOAP_Message_Body | Protocol Signature |
| Low | 19992 | InstallShield_Silent_Installer | Unauthorized Access Attempt |
If you are an existing customer or partner, and you wish to download X-Press Updates from our download center, click here.