This SRU number: 2019-08-12-001
Previous SRU number: 2019-08-07-001
Applies to:
This SEU number: 2053
Previous SEU: 2051
Applies to:
This is the complete list of rules modified in SRU 2019-08-12-001 and SEU 2053.
The format of the file is:
GID - SID - Rule Group - Rule Message - Policy State
The Policy State refers to each default Cisco Talos policy, Connectivity, Balanced, Security, and Maximum Detection.
The default passive policy state is the same as the Balanced policy state with the exception of alert being used instead of drop.
Note: Unless stated explicitly, the rules are for the series of products listed above.
| GID | SID | Rule Group | Rule Message | Policy State | |||
|---|---|---|---|---|---|---|---|
| Con. | Bal. | Sec. | Max. | ||||
| 1 | 15539 | FILE-OFFICE | Microsoft Office Excel Formula record remote code execution attempt | off | off | off | drop |
| 1 | 1807 | POLICY-OTHER | Chunked-Encoding transfer with no data attempt | off | off | off | drop |
| 1 | 18632 | FILE-OFFICE | Microsoft Office Excel malformed Label record exploit attempt | off | off | off | drop |
| 1 | 18637 | FILE-OFFICE | Microsoft Office PowerPoint OfficeArt atom memory corruption attempt | off | off | off | drop |
| 1 | 32940 | FILE-OFFICE | Microsoft Office Excel malformed Label record exploit attempt | off | off | off | drop |
| 1 | 35190 | FILE-OFFICE | Microsoft Office Word sprmPItap heap corruption attempt | off | off | drop | drop |
| 1 | 35191 | FILE-OFFICE | Microsoft Office Word sprmPItap heap corruption attempt | off | off | drop | drop |
| 1 | 38265 | FILE-OFFICE | Microsoft Office Excel Formula record remote code execution attempt | off | off | off | drop |
| 1 | 45142 | BROWSER-IE | Microsoft Edge type confusion attempt | off | drop | drop | drop |
| 1 | 45143 | BROWSER-IE | Microsoft Edge type confusion attempt | off | drop | drop | drop |
| 1 | 47576 | SERVER-WEBAPP | Cobub Razor channel name SQL injection attempt | off | off | drop | drop |
| 1 | 47577 | SERVER-WEBAPP | Cobub Razor channel name SQL injection attempt | off | off | drop | drop |
| 1 | 48051 | BROWSER-IE | Microsoft Edge OP_Memset type confusion attempt | off | off | drop | drop |
| 1 | 48052 | BROWSER-IE | Microsoft Edge OP_Memset type confusion attempt | off | off | drop | drop |
| GID | SID | Rule Group | Rule Message | Policy State | |||
|---|---|---|---|---|---|---|---|
| Con. | Bal. | Sec. | Max. | ||||
| 1 | 1826 | SERVER-WEBAPP | WEB-INF access | off | off | off | drop |
| 1 | 50920 | SERVER-WEBAPP | Synology Photo Station information disclosure attempt | off | off | off | drop |