IPS Threat Content Update Release Notes 23.141.14
IPS Threat Content Update Release Notes 23.141.14
Following is the summary of signatures deployed on October 16th, 2023 with the IPS content release:
-
Signatures Added : 11
-
Signatures Modified : 0
-
Signatures Removed : 1
Signatures Added
| SID | Description | Reference |
|---|---|---|
| 62509 | OS-WINDOWS Microsoft Windows Win32k escalation of privilege attempt | CVE-2023-36743 |
| 62511 | OS-WINDOWS Microsoft Windows kernel escalation of privilege attempt | CVE-2023-41772 |
| 150684 | MALWARE-CNC APT10.Uppercut.Checkin.Get traffic detected | No Reference |
| 62493 | OS-WINDOWS Microsoft Windows Graphics Component privilege escalation attempt | CVE-2023-38159 |
| 62491 | OS-WINDOWS Microsoft Windows Win32k privilege escalation attempt | CVE-2023-36776 |
| 62456 | OS-WINDOWS Microsoft Windows Theme code execution attempt | CVE-2023-38146 |
| 62454 | MALWARE-CNC Win.Malware.StrelaStealer variant download attempt | www.virustotal.com/gui/file/be9f84b19f02f16b7d8a9148a68ad8728cc169668f2c59f918d019bce400d90e |
| 62452 | MALWARE-CNC Win.Trojan.OriginBotnet outbound connection attempt | www.fortinet.com/blog/threat-research/originbotnet-spreads-via-malicious-word-document |
| 62458 | OS-WINDOWS Microsoft Windows Theme code execution attempt | CVE-2023-38146 |
| 62488 | OS-WINDOWS Microsoft Windows Common Log File System driver information disclosure attempt | CVE-2023-36713 |
| 62487 | OS-WINDOWS Microsoft Windows privilege escalation attempt | CVE-2023-36594 |
Removed Signatures
Removed the following signature due to False Positives (FP): 61940.
