New Dragon IPS signature release

Dudley__Jeff — Wed, 14 Nov 2018 19:36:00 GMT

The following NIDS signature updates are available via
liveupdate for Dragon versions 7.x/8.x:

EDGE:CHAKRA-SCRIPT10

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8588

REFERENCE: CVE

CVE-2018-8588

EDGE:CHAKRA-SCRIPT8

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8556

REFERENCE: CVE

CVE-2018-8556

EDGE:CHAKRA-SCRIPT9

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8557

REFERENCE: CVE

CVE-2018-8557

EDGE:INFO-DISCLOSURE12

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who exploited this vulnerability could obtain information to further compromise the users system. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8545

REFERENCE: CVE

CVE-2018-8545

EDGE:SCRIPT-ENG-MEM-CORRUPT-91

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8542

REFERENCE: CVE

CVE-2018-8542

EDGE:SCRIPT-ENG-MEM-CORRUPT-92

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8555

REFERENCE: CVE

CVE-2018-8555

IE:INFO-DISCLOSURE11

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: An information disclosure vulnerability exists when a Microsoft browser incorrectly handles objects in memory. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8552

REFERENCE: CVE

CVE-2018-8552

MS:DIRECTX-INFO-DISCLOSURE

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: An information disclosure vulnerability exists when DirectX improperly accesses objects in memory. This vulnerability may allow an attacker to obtain information to compromise a user's system. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8563

REFERENCE: CVE

CVE-2018-8563

MS:OUTLOOK-RULEFILE

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists in Microsoft Outlook software when it failed to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8522

REFERENCE: CVE

CVE-2018-8522

MS:OUTLOOK-RULEFILE-2

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists in Microsoft Outlook software when it failed to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8582

REFERENCE: CVE

CVE-2018-8582

MS:VBSCRIPT-ENGINE-RCE-3

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists in a Microsoft browser when the VBScript engine improperly handles objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8544

REFERENCE: CVE

CVE-2018-8544

MS:WIN-GRAPHICS-WMF-RCE

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8553

REFERENCE: CVE

CVE-2018-8553

MS:WORD-REMOTE-CODE-EXE

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8539

REFERENCE: CVE

CVE-2018-8539

TFTP:WINDOWS-DEPLOYMENT-RCE

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8476

REFERENCE: CVE

CVE-2018-8476

topic New Dragon IPS signature release in End of Service Products

New Dragon IPS signature release