The following NIDS signature updates are available via liveupdate for Dragon versions 7.x/8.x:
IE:UMCI-SECURITY-BYPASS
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A security bypass vulnerability exists when Microsoft Internet Explorer processes a specially crafted file. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8625
REFERENCE: CVE
CVE-2017-8625
MS:JET-DATABASE-ENGINE-RCE
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: There is a vulnerability in the Microsoft JET Database Engine that may lead to remote code execution. The vulnerability is in the processing of a specially crafted database files. Microsoft has released a patch for this vulnerability. This signature looks for the downloading of a crafted Microsoft Jet DB file.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0250
REFERENCE: CVE
CVE-2017-0250
