Critical: This Content Update contains 19 new events to address vulnerabilities in Microsoft product implementation of the DNS client and the Microsoft Server Service, Internet Explorer, JavaScript, and the SIP protocol. Also in this XPU are 4 new blocking response and 4 security content updates. Refer to the following X-Force advisory for details: http://xforce.iss.net/xforce/alerts/id/232 http://xforce.iss.net/xforce/alerts/id/235
Checks:
| Risk | VulnID | Check Name | Category |
| Low | 26712 | SIP_Incomplete_Message | Suspicious Activity |
| High | 26810 | HTML_IE_Url_Overflow | Denial of Service |
| Medium | 27075 | HTML_WinSCP_Command_Exec | Unauthorized Access Attempt |
| High | 27456 | HTTP_IE_HTA_Remote_Exec | Unauthorized Access Attempt |
| High | 27456 | SMB_IE_HTA_Remote_Exec | Unauthorized Access Attempt |
| High | 27573 | JavaScript_HHCtrl_Overflow | Unauthorized Access Attempt |
| High | 27740 | CompoundFile_PowerPoint_MSO_CodeExec | Unauthorized Access Attempt |
| Low | 27791 | HTTP_Executable_Transfer | Suspicious Activity |
| High | 28002 | MSRPC_Srvsvc_Bo | Unauthorized Access Attempt |
| High | 28005 | HTML_MMc_XSS | Unauthorized Access Attempt |
| High | 28013 | DNS_Client_Overflow | Unauthorized Access Attempt |
| High | 28023 | CompoundFile_VBA_Properties_BO | Unauthorized Access Attempt |
| High | 28025 | CompoundFile_PowerPoint_SlideList_CodeExec | Unauthorized Access Attempt |
| High | 28034 | HTML_JS_Layout_Position | Unauthorized Access Attempt |
| High | 28037 | JavaScript_CSS_Mem_Corruption_Vuln | Unauthorized Access Attempt |
| High | 28039 | Javascript_COM_Object | Unauthorized Access Attempt |
| High | 28043 | HTML_Rendering_Memory_Corrupt | Unauthorized Access Attempt |
| High | 28063 | HTTP_LDAP_Mod_Rewrite_BO | Unauthorized Access Attempt |
| High | 28240 | DNS_RDATA_String_BO | Unauthorized Access Attempt |
If you are an existing customer or partner, and you wish to download X-Press Updates from our download center, click here.