Updated Windows Signatures
Minimum Supported
Product version
Host
Intrusion
Prevention
Endpoint
Security
Exploit
Prevention
Bugfix: The default severity level of the below listed signatures is changed from Medium
to Disabled as a part of the signature clean up activity.
Please note that this change is applicable for all versions of Host Intrusion Prevention
and Endpoint Security Exploit Prevention products.
S.No.
Signature
Id Signature Name
1 960 Msgina.dll File Modified
2 2240 Windows Metafile Denial of Service Vulnerability (2)
3 2252
Microsoft KB978262 Critical Cumulative Security Update of
ActiveX Kill Bits
4 2260
Vulnerability in Microsoft Data Analyzer ActiveX Control
Could Allow Remote Code Execution
5 2261
Vulnerability in Microsoft Internet Explorer 8 Developer
Tools Could Allow Remote Code Execution
6 2266 Access ActiveX Control Vulnerability
7 2267 ACCWIZ.dll Uninitialized Variable Vulnerability
8 2280
Vulnerability in Netlogon RPC Service Could Allow Denial of
Service
9 2285 Active Directory SPN Validation Vulnerability
10 2660 IE Envelope - HTML Application Execution
11 2664 IE Envelope - Windows Help Execution
12 2720 Outlook Envelope - Windows Executable Mod.
13 2721 Outlook Envelope - Abnormal Executable Mod.
14 2760 Outlook Envelope - HTML Application Execution
15 2761 Outlook Envelope - Suspicious Executable Mod.
16 2762 Outlook Envelope - Compiled Help File Execution
17 2763 Outlook Envelope - NTVDM Execution
18 2779 TDSS Rootkit Infection
19 2834 Java - Creation of suspicious files in Temp folder
20 3754 Illegal Execution in winword.exe
21 3763 Windows Kernel Elevation of Privilege Vulnerability
22 3779 Windows IE ADODB.Connection Vulnerability
23 3784
Vulnerability in Microsoft Agent Could Allow Remote Code
Execution
24 3809 Microsoft Outlook VEVENT Vulnerability
25 3819 Vulnerability in HTML Help ActiveX Control
26 3821 Vulnerability in Microsoft Word Macro Security
27 3826 Multiple buffer overflows in the SupportSoft ActiveX controls
28 3831 Windows IE ADODB.Recordset Vulnerability
29 3869
Vulnerability in RealPlayer ActiveX Control Could Allow
Remote Code Execution
30 3912
Vulnerability in Microsoft Office Web Components ActiveX
Control Could Allow Remote Code Execution
31 3922 Illegal Execution in Microsoft Excel
32 3941
Microsoft Visual Studio Msmask32 ActiveX Control Could
Allow Remote Code Execution
8.0.0 10.5.3