Critical: This Content Update contains 19 new events to address
vulnerabilities in Microsoft product implementation of the DNS
client and the Microsoft Server Service, Internet Explorer,
JavaScript, and the SIP protocol. Also in this XPU are 4 new
blocking response and 4 security content updates.
Refer to the following X-Force advisory for details:
http://xforce.iss.net/xforce/alerts/id/232
http://xforce.iss.net/xforce/alerts/id/235
Checks:
| Risk | VulnID | Check Name | Category |
| Low | 26712 | SIP_Incomplete_Message | Suspicious Activity |
| High | 26810 | HTML_IE_Url_Overflow | Denial of Service |
| Medium | 27075 | HTML_WinSCP_Command_Exec | Unauthorized Access Attempt |
| High | 27456 | HTTP_IE_HTA_Remote_Exec | Unauthorized Access Attempt |
| High | 27456 | SMB_IE_HTA_Remote_Exec | Unauthorized Access Attempt |
| High | 27573 | JavaScript_HHCtrl_Overflow | Unauthorized Access Attempt |
| High | 27740 | CompoundFile_PowerPoint_MSO_CodeExec | Unauthorized Access Attempt |
| Low | 27791 | HTTP_Executable_Transfer | Suspicious Activity |
| High | 28002 | MSRPC_Srvsvc_Bo | Unauthorized Access Attempt |
| High | 28005 | HTML_MMc_XSS | Unauthorized Access Attempt |
| High | 28013 | DNS_Client_Overflow | Unauthorized Access Attempt |
| High | 28023 | CompoundFile_VBA_Properties_BO | Unauthorized Access Attempt |
| High | 28025 | CompoundFile_PowerPoint_SlideList_CodeExec | Unauthorized Access Attempt |
| High | 28034 | HTML_JS_Layout_Position | Unauthorized Access Attempt |
| High | 28037 | JavaScript_CSS_Mem_Corruption_Vuln | Unauthorized Access Attempt |
| High | 28039 | Javascript_COM_Object | Unauthorized Access Attempt |
| High | 28043 | HTML_Rendering_Memory_Corrupt | Unauthorized Access Attempt |
| High | 28063 | HTTP_LDAP_Mod_Rewrite_BO | Unauthorized Access Attempt |
| High | 28240 | DNS_RDATA_String_BO | Unauthorized Access Attempt |
If you are an existing customer or partner, and you wish to download X-Press Updates from our download center, click here.