https://community.extremenetworks.com/t5/end-of-service-products/new-dragon-ips-signatures-released/m-p/21605#M36 The following NIDS signature updates are available via liveupdate for Dragon versions 7.x/8.x:<BR /> <BR /> <BR /> <BR /> EDGE:CHAKRA-SCRIPT-CORRUPT10<BR /> <BR /> UPDATE-TYPE: New Signature<BR /> <BR /> CLASSIFICATION: BETA<BR /> <BR /> DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.<BR /> <BR /> REFERENCE: URLREF<BR /> <BR /> <A href="https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8505" target="_blank" rel="nofollow noreferrer noopener">https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8505</A><BR /> <BR /> REFERENCE: CVE<BR /> <BR /> CVE-2018-8505<BR /> <BR /> <BR /> <BR /> <BR /> <BR /> IE:MEMORY-CORRUPTION-RCE-341<BR /> <BR /> UPDATE-TYPE: New Signature<BR /> <BR /> CLASSIFICATION: BETA<BR /> <BR /> DESCRIPTION: A remote code execution vulnerability exists when a Microsoft browser improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.<BR /> <BR /> REFERENCE: URLREF<BR /> <BR /> <A href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8460" target="_blank" rel="nofollow noreferrer noopener">https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8460</A><BR /> <BR /> REFERENCE: CVE<BR /> <BR /> CVE-2018-8460<BR /> <BR /> <BR /> <BR /> <BR /> <BR /> IE:MEMORY-CORRUPTION-RCE-342<BR /> <BR /> UPDATE-TYPE: New Signature<BR /> <BR /> CLASSIFICATION: BETA<BR /> <BR /> DESCRIPTION: A remote code execution vulnerability exists when a Microsoft browser improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.<BR /> <BR /> REFERENCE: URLREF<BR /> <BR /> <A href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8491" target="_blank" rel="nofollow noreferrer noopener">https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8491</A><BR /> <BR /> REFERENCE: CVE<BR /> <BR /> CVE-2018-8491<BR /> <BR /> <BR /> <BR /> <BR /> <BR /> MS:JET-DATABASE-ENGINE-RCE-3<BR /> <BR /> UPDATE-TYPE: New Signature<BR /> <BR /> CLASSIFICATION: BETA<BR /> <BR /> DESCRIPTION: There is a vulnerability in the Microsoft JET Database Engine that may lead to remote code execution. An attacker who successfully exploited this vulnerability could take control of an affected system. Microsoft has released a patch for this vulnerability.<BR /> <BR /> REFERENCE: URLREF<BR /> <BR /> <A href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8423" target="_blank" rel="nofollow noreferrer noopener">https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8423</A><BR /> <BR /> REFERENCE: CVE<BR /> <BR /> CVE-2018-8423<BR /> <BR /> <BR /> <BR /> <BR /> <BR /> MS:THEME-API-RCE<BR /> <BR /> UPDATE-TYPE: New Signature<BR /> <BR /> CLASSIFICATION: BETA<BR /> <BR /> DESCRIPTION: A remote code execution vulnerability exists when the Windows Theme API does not properly decompress files. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability. This signature looks for the downloading of a malicious themepack file to the client system.<BR /> <BR /> REFERENCE: URLREF<BR /> <BR /> <A href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8413" target="_blank" rel="nofollow noreferrer noopener">https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8413</A><BR /> <BR /> REFERENCE: CVE<BR /> <BR /> CVE-2018-8413<BR /> <BR /> <BR /> <BR /> <BR /> <BR /> WINDOWS:SHELL-RCE<BR /> <BR /> UPDATE-TYPE: New Signature<BR /> <BR /> CLASSIFICATION: BETA<BR /> <BR /> DESCRIPTION: A remote code execution vulnerability exists when Windows Shell improperly handles URLs. An attacker who exploited this vulnerability could gain the same user rights as the current user. Microsoft has released a patch for this vulnerability.<BR /> <BR /> REFERENCE: URLREF<BR /> <BR /> <A href="https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8495" target="_blank" rel="nofollow noreferrer noopener">https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8495</A><BR /> <BR /> REFERENCE: CVE<BR /> <BR /> CVE-2018-8495<BR /> <BR /> <BR /> <BR /> Wed, 10 Oct 2018 16:18:00 GMT Dudley__Jeff 2018-10-10T16:18:00Z https://community.extremenetworks.com/t5/end-of-service-products/new-dragon-ips-signatures-released/m-p/21605#M36 The following NIDS signature updates are available via liveupdate for Dragon versions 7.x/8.x:<BR /> <BR /> <BR /> <BR /> EDGE:CHAKRA-SCRIPT-CORRUPT10<BR /> <BR /> UPDATE-TYPE: New Signature<BR /> <BR /> CLASSIFICATION: BETA<BR /> <BR /> DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.<BR /> <BR /> REFERENCE: URLREF<BR /> <BR /> <A href="https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8505" target="_blank" rel="nofollow noreferrer noopener">https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8505</A><BR /> <BR /> REFERENCE: CVE<BR /> <BR /> CVE-2018-8505<BR /> <BR /> <BR /> <BR /> <BR /> <BR /> IE:MEMORY-CORRUPTION-RCE-341<BR /> <BR /> UPDATE-TYPE: New Signature<BR /> <BR /> CLASSIFICATION: BETA<BR /> <BR /> DESCRIPTION: A remote code execution vulnerability exists when a Microsoft browser improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.<BR /> <BR /> REFERENCE: URLREF<BR /> <BR /> <A href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8460" target="_blank" rel="nofollow noreferrer noopener">https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8460</A><BR /> <BR /> REFERENCE: CVE<BR /> <BR /> CVE-2018-8460<BR /> <BR /> <BR /> <BR /> <BR /> <BR /> IE:MEMORY-CORRUPTION-RCE-342<BR /> <BR /> UPDATE-TYPE: New Signature<BR /> <BR /> CLASSIFICATION: BETA<BR /> <BR /> DESCRIPTION: A remote code execution vulnerability exists when a Microsoft browser improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.<BR /> <BR /> REFERENCE: URLREF<BR /> <BR /> <A href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8491" target="_blank" rel="nofollow noreferrer noopener">https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8491</A><BR /> <BR /> REFERENCE: CVE<BR /> <BR /> CVE-2018-8491<BR /> <BR /> <BR /> <BR /> <BR /> <BR /> MS:JET-DATABASE-ENGINE-RCE-3<BR /> <BR /> UPDATE-TYPE: New Signature<BR /> <BR /> CLASSIFICATION: BETA<BR /> <BR /> DESCRIPTION: There is a vulnerability in the Microsoft JET Database Engine that may lead to remote code execution. An attacker who successfully exploited this vulnerability could take control of an affected system. Microsoft has released a patch for this vulnerability.<BR /> <BR /> REFERENCE: URLREF<BR /> <BR /> <A href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8423" target="_blank" rel="nofollow noreferrer noopener">https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8423</A><BR /> <BR /> REFERENCE: CVE<BR /> <BR /> CVE-2018-8423<BR /> <BR /> <BR /> <BR /> <BR /> <BR /> MS:THEME-API-RCE<BR /> <BR /> UPDATE-TYPE: New Signature<BR /> <BR /> CLASSIFICATION: BETA<BR /> <BR /> DESCRIPTION: A remote code execution vulnerability exists when the Windows Theme API does not properly decompress files. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability. This signature looks for the downloading of a malicious themepack file to the client system.<BR /> <BR /> REFERENCE: URLREF<BR /> <BR /> <A href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8413" target="_blank" rel="nofollow noreferrer noopener">https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8413</A><BR /> <BR /> REFERENCE: CVE<BR /> <BR /> CVE-2018-8413<BR /> <BR /> <BR /> <BR /> <BR /> <BR /> WINDOWS:SHELL-RCE<BR /> <BR /> UPDATE-TYPE: New Signature<BR /> <BR /> CLASSIFICATION: BETA<BR /> <BR /> DESCRIPTION: A remote code execution vulnerability exists when Windows Shell improperly handles URLs. An attacker who exploited this vulnerability could gain the same user rights as the current user. Microsoft has released a patch for this vulnerability.<BR /> <BR /> REFERENCE: URLREF<BR /> <BR /> <A href="https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8495" target="_blank" rel="nofollow noreferrer noopener">https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8495</A><BR /> <BR /> REFERENCE: CVE<BR /> <BR /> CVE-2018-8495<BR /> <BR /> <BR /> <BR /> Wed, 10 Oct 2018 16:18:00 GMT https://community.extremenetworks.com/t5/end-of-service-products/new-dragon-ips-signatures-released/m-p/21605#M36 Dudley__Jeff 2018-10-10T16:18:00Z