Critical: This Content Update provides additional protection for
an Internet Explorer vulnerability that allows remote code
execution as described in the following Microsoft Advisory &
X-Force alert:
http://www.microsoft.com/technet/security/advisory/911302.mspx
http://xforce.iss.net/xforce/alerts/id/209
This update contains 11 new events for vulnerabilities in
Microsoft, Windows Metafile (WMF), and multiple Antivirus vendor
vulnerabilities. Also in this XPU are 19 security content updates
and 7 new blocking responses.
Checks:
| Risk | VulnID | Check Name | Category |
| Medium | 21288 | MSRPC_EventLog_Null_Session | Pre-attack Probe |
| Medium | 222570 | ARJ_AV_Evasion | Suspicious Activity |
| Medium | 22570 | PE_AV_Evasion | Suspicious Activity |
| High | 22877 | Image_WMF_MaxRecordSize_Overflow | Unauthorized Access Attempt |
| High | 22877 | Image_WMF_HeaderFileSize_Overflow | Unauthorized Access Attempt |
| High | 22877 | Image_WMF_NumObjects_Corrupt | Unauthorized Access Attempt |
| High | 23000 | SQL_Empty_Password | Suspicious Activity |
| High | 23000 | SQL_Empty_Password_Failed | Suspicious Activity |
| High | 23033 | ISAKMP_ProtosTool | Unauthorized Access Attempt |
| Low | 23392 | ISAKMP_Hdr_BadVersion | Suspicious Activity |
| High | 23448 | HTML_JS_Dialog_Delay | Unauthorized Access Attempt |
If you are an existing customer or partner, and you wish to download X-Press Updates from our download center, click here.