This X-Press Update™ product enhancement (XPU), featuring Virtual Patch ™ technology, includes 15 new events to provide protection for vulnerabilities in Cisco call manager, Real Player file formats and a critical vulnerability in Microsoft’s Image Color Management (ICM) library. For information regarding this critical vulnerability, please see the X-Force Alert http://xforce.iss.net/xforce/alerts/id/198. Blocking for 27 existing events has also been enabled.
Checks:
| Risk | VulnID | Check Name | Category |
| Low | 5156 | HTML_XSS_Attempt | Unauthorized Access Attempt |
| Low | 16436 | SoftEther_Hub_Administration | Suspicious Activity |
| Low | 16436 | SSL_SoftEther_Detected | Suspicious Activity |
| High | 16823 | SMB_ATService_Connect | Unauthorized Access Attempt |
| Low | 19053 | Cisco_CallMgrDB_DoS | Denial of Service |
| High | 19054 | Cisco_CallMgrDB_Bo | Unauthorized Access Attempt |
| High | 20163 | RAM_Domain_Overflow | Unauthorized Access Attempt |
| High | 20713 | IMAP_Imail_Status_Overflow | Unauthorized Access Attempt |
| High | 20821 | CHM_DirChunkSize_Bo | Unauthorized Access Attempt |
| High | 21174 | IMAP_Tag_Overflow | Unauthorized Access Attempt |
| Low | 21175 | XDMCP_Session_Accepted | Protocol Signature |
| Low | 21177 | XDMCP_Query | Protocol Signature |
| High | 21221 | ICC_Profile_Tag_Overflow | Unauthorized Access Attempt |
| Low | 21259 | HTTP_Unknown_Protocol | Protocol Signature |
| High | 21307 | HTML_IE_ActiveX_Loader_Heap_Corruption | Unauthorized Access Attempt |
If you are an existing customer or partner, and you wish to download X-Press Updates from our download center, click here.