New Dragon IPS signature release December 20 2018


Userlevel 2
The following NIDS signature updates are available via liveupdate for Dragon versions 7.x/8.x:

IE:SCRIPTING-ENGINE-RCE-61
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8653
REFERENCE: CVE
CVE-2018-8653

1 reply

Userlevel 7
Thanks Jeff!

Reply