This X-Press Update™ product enhancement (XPU) 24.3, featuring Virtual Patch ™ technology, 48 new events including added coverage for detection of spyware applications, and a vulnerability in Computer Associates License Server. Also in this XPU are 16 security content updates and blocking for 42 existing events has been enabled.
Checks:
| Risk | VulnID | Check Name | Category |
| Low | 11835 | PDE_Renew_Host* | Protocol Signature |
| Low | 11835 | PDE_Unauthenticated_Host* | Protocol Signature |
| Medium | 14267 | Spyware_PH_BroadcastPC | Pre-attack Probe |
| High | 14311 | Spyware_PH_DownloadWare | Unauthorized Access Attempt |
| Medium | 14320 | Spyware_PH_MoeMoneyMaker | Unauthorized Access Attempt |
| Medium | 14333 | Spyware_PH_ExactSearchBar | Pre-attack Probe |
| High | 14336 | Spyware_PH_EzulaTopText | Unauthorized Access Attempt |
| High | 14370 | Spyware_PH_HotBar | Unauthorized Access Attempt |
| Medium | 14425 | Spyware_PH_MyWebSearch | Pre-attack Probe |
| Medium | 14477 | Spyware_PH_ShopAtHomeSelect | Pre-attack Probe |
| Low | 14571 | Spyware_PH_WhenUSearch | Unauthorized Access Attempt |
| Medium | 14848 | Spyware_PH_WildTangent | Pre-attack Probe |
| Medium | 16627 | SMB_System32_FileWritten | Suspicious Activity |
| Medium | 17404 | Spyware_PH_GAIN | Unauthorized Access Attempt |
| High | 18126 | Spyware_PH_QuickSearchBar | Unauthorized Access Attempt |
| Medium | 18148 | Spyware_PH_EliteBar | Unauthorized Access Attempt |
| Medium | 18252 | Spyware_PH_GameSpyArcade | Unauthorized Access Attempt |
| Medium | 18261 | Spyware_PH_WeatherBug | Pre-attack Probe |
| Medium | 18291 | Spyware_PH_MySearchBar | Unauthorized Access Attempt |
| Medium | 18307 | Spyware_PH_MessengerPlus | Unauthorized Access Attempt |
| Medium | 18395 | HTML_IE_Sysimage_Disclosure | Pre-attack Probe |
| High | 18419 | Spyware_PH_IEPlugin | Unauthorized Access Attempt |
| Medium | 18451 | Spyware_PH_KeenValue | Unauthorized Access Attempt |
| Medium | 18476 | Spyware_PH_DownloadAcceleratorPlus | Pre-attack Probe |
| High | 18519 | SMB_Samba_SecurityDescriptor_Bo | Unauthorized Access Attempt |
| Medium | 18836 | DNS_Authors_Request | Pre-attack Probe |
| Low | 18884 | UDP_Squid_WCCP_Cachelist_DOS | Denial of Service |
| Medium | 19268 | HTTP_WmvDownloader_BO | Unauthorized Access Attempt |
| High | 19269 | Image_GIF_Netscape_Extension_BO | Unauthorized Access Attempt |
| Low | 19303 | DNS_IDN_Query | Protocol Signature |
| High | 19385 | PsExec_Installed | Suspicious Activity |
| High | 19385 | PsExec_Service_Accessed | Suspicious Activity |
| Medium | 19396 | IM_File_Xfer_Double_Extension | Suspicious Activity |
| Low | 19405 | GTP_C_Element_Unexpected | Suspicious Activity |
| Low | 19408 | GTP_C_Element_Overflow | Suspicious Activity |
| High | 19433 | LHA_File_Path_Overflow | Unauthorized Access Attempt |
| High | 19494 | MGCP_LongField | Suspicious Activity |
| High | 19494 | MGCP_Long_Endpoint | Suspicious Activity |
| High | 19494 | MGCP_Long_Tid | Suspicious Activity |
| Low | 19506 | GTP_C_Element_Underflow | Suspicious Activity |
| Low | 19507 | GTP_C_Err_SystemFailure | Suspicious Activity |
| Low | 19509 | GTP_C_Discovery | Suspicious Activity |
| Low | 19510 | GTP_C_APN_Corrupt | Suspicious Activity |
| Low | 19511 | GTP_C_PPP_Login | Suspicious Activity |
| Low | 19513 | GTP_U_InfrastructureAddress | Suspicious Activity |
| Low | 19514 | GTP_U_Recursion | Suspicious Activity |
| Low | 19518 | GTP_U_StationToStation | Suspicious Activity |
| High | 19562 | CA_License_Server_Request_Bo | Unauthorized Access Attempt |
If you are an existing customer or partner, and you wish to download X-Press Updates from our download center, click here.