CRITICAL: This Content Update XPU (X-Press Update™), featuring Virtual Patch™ technology, contains 34 new events, for vulnerabilities in Microsoft Products and assorted threats. A critical vulnerability in Microsoft's MSDTC is addressed in this XPU, for information regarding this critical vulnerability, please see X-Force Alert http://xforce.iss.net/xforce/alerts/id/206. Also in this XPU are 13 security content updates and 31 new blocking responses.
Checks:
| Risk | VulnID | Check Name | Category |
| Medium | 12598 | Spyware_Gator_Detected | Protocol Signature |
| High | 15142 | Oxon_TCP_Request | Unauthorized Access Attempt |
| High | 15142 | Oxon_TCP_Response | Unauthorized Access Attempt |
| High | 15149 | Osiris_TCP_Response | Unauthorized Access Attempt |
| High | 15152 | OptixPro_TCP_Response | Unauthorized Access Attempt |
| High | 15697 | OneOfTheLastTrojans_TCP_Request | Unauthorized Access Attempt |
| High | 15763 | One_TCP_Request | Unauthorized Access Attempt |
| High | 15763 | One_TCP_Response | Unauthorized Access Attempt |
| High | 20132 | HTML_Mozilla_PluginsPage_Exec | Unauthorized Access Attempt |
| Medium | 20172 | HTTP_Gmail_Email_Attachment | Protocol Signature |
| Medium | 20338 | HTTP_Dropload_Email_Attachment | Protocol Signature |
| High | 21700 | MSRPC_Netware_BO | Unauthorized Access Attempt |
| High | 21765 | HTTP_ISpyNow_Installed | Protocol Signature |
| Medium | 21893 | RPC_Legato_Portmap_Set | Suspicious Activity |
| Medium | 21893 | RPC_Legato_Portmap_Unset | Suspicious Activity |
| High | 21895 | HTML_IE_MSDDS_Heap_Corruption | Unauthorized Access Attempt |
| Medium | 21911 | ISAKMP_Brute_Force | Suspicious Activity |
| High | 21934 | HTML_Meta_Refresh_URLs | Unauthorized Access Attempt |
| Low | 22086 | IRC_Rogue_Session | Protocol Signature |
| High | 22248 | HTTP_GET_SQL_Select_Top_1 | Unauthorized Access Attempt |
| High | 22248 | HTTP_POST_SQL_Select_Top_1 | Unauthorized Access Attempt |
| High | 22250 | HTTP_GET_SQL_Convert_Int | Unauthorized Access Attempt |
| High | 22250 | HTTP_POST_SQL_Convert_Int | Unauthorized Access Attempt |
| Low | 22365 | MSRPC_PlugAndPlay_Detected | Unauthorized Access Attempt |
| High | 22411 | XML_RealPix_FormatString | Unauthorized Access Attempt |
| High | 22451 | SMB_Mass_Login | Protocol Signature |
| High | 22452 | TFTP_File_Brute_Force | Suspicious Activity |
| High | 22467 | MSRPC_MSDTC_Message_BO | Unauthorized Access Attempt |
| Low | 22475 | TIP_Identify_Wrong_Addr | Denial of Service |
| High | 22480 | RIFF_AVI_DirectShow_Overflow | Unauthorized Access Attempt |
| High | 22481 | MSRPC_PlugAndPlay_DeviceSlashBo | Unauthorized Access Attempt |
| High | 22495 | Email_Mime_ContentType_Overflow | Unauthorized Access Attempt |
| Low | 22499 | HTTP_IDS_Server_Detected | Status/Control Messages |
| High | 22500 | HTTP_IDS_Script_Injection | Unauthorized Access Attempt |
If you are an existing customer or partner, and you wish to download X-Press Updates from our download center, click here.