This document describes current Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.

Note: This article will update monthly according to the bulletin release schedule.

• July 2020
• August 2020
• September 2020
• October 2020
• November 2020
• December 2020
• January 2021
• February_2021
• March_2021
• April_2021

• April 2021
  
  For the April 2021 Microsoft addressed 108 vulnerabilities.
  
  Symantec has introduced the following protections based on available information. 
  
  CVE-2021-28310

AV:  Exp.CVE-2021-28310

Symantec Security Response continues to monitor in the wild usage and/or coverage feasibility for the other announced vulnerabilities and may add additional coverage where required*.

• March 2021
  
  For the March 2021 Microsoft addressed 89 vulnerabilities.
  
  Symantec has introduced the following protections based on available information. 
  
  CVE-2021-26411

AV: 
Exp.CVE-2021-26411
ISB.CVE2021-26411!g1

IPS: Web Attack: Internet Explorer RCE 2021-26411

         CVE-2021-26855

AV: Exp.CVE-2021-26855

IPS: Attack: Microsoft Exchange Server CVE-2021-26855

CVE-2021-26857

IPS: Web Attack: Microsoft Exchange Server CVE-2021-26857

CVE-2021-26877

IPS: Attack: Windows DNS Server CVE-2021-26877

CVE-2021-26897

IPS: Attack: Windows DNS Server CVE-2021-26897

CVE-2021-27076

IPS: Web Attack: Microsoft Sharepoint Server CVE-2021-27076

Symantec Security Response continues to monitor in the wild usage and/or coverage feasibility for the other announced vulnerabilities and may add additional coverage where required*.

• February 2021
  
  For the February 2021 release Microsoft addressed 56 vulnerabilities.
  

Symantec has introduced the following protections based on available information.

CVE-2021-1698

              AV - Exp.CVE-2021-1698

CVE-2021-24074

              AV - Exp.CVE-2021-24074

CVE-2021-24078

              AV - Exp.CVE-2021-24078

CVE-2021-24086

              AV - Exp.CVE-2021-24086

CVE-2021-24094

              AV - Exp.CVE-2021-24094

CVE-2021-24072

IPS: Web Attack: XML External Entity Attack

Additional signatures are currently being investigated and may be toggled at a later date*

• January 2021
  
  For the January 2021 release Microsoft addressed 83  vulnerabilities.
  

Symantec has introduced the following protections based on available information.

CVE-2021-1647

AV - Exp.CVE-2021-1647

         CVE-2021-1707

IPS: Web Attack: Microsoft Sharepoint CVE-2021-1707

             Additional signatures are currently being investigated and may be toggled at a later date*

• December 2020
  

  
  For the December release Microsoft addressed 58 vulnerabilities.
  
  CVE-2020-17152

IPS - Attack: Microsoft Dynamics 365 CVE-2020-17152

Further updates will be made when they become available.

• November 2020

For the November release Microsoft addressed 112 vulnerabilities.

Symantec has introduced the following product detections based on available information:

CVE-2020-17087

AV - Exp.CVE-2020-17087

CVE-2020-17088

AV - Exp.CVE-2020-17088

CVE-2020-17053

IPS - Web Attack: Microsoft Internet Explorer CVE-2020-17053

Symantec continues to monitor in the wild usage and/or coverage feasibility for the other announced vulnerabilities and may add additional coverage where required.

• October 2020 

For the October release Microsoft addressed 87 vulnerabilities.

Symantec has introduced the following product detections based on available information:

CVE-2020-16898

AV - Exp.CVE-2020-16898

Symantec continues to monitor in the wild usage and/or coverage feasibility for the other announced vulnerabilities and may add additional coverage where required.

• September 2020 

For the August release Microsoft addressed 129 vulnerabilities.

Symantec has introduced the following product detections based on available information:

CVE-2020-0664

IPS - Attack: Microsoft Active Directory CVE-2020-0664

Symantec continues to monitor in the wild usage and/or coverage feasibility for the other announced vulnerabilities and may add additional coverage where required.

• August 2020 

For the August release Microsoft addressed 120 vulnerabilities.

Symantec has introduced the following product detections based on available information:

CVE-2020-1472

AV:  Exp.CVE-2020-1472
IPS: 
OS Attack: Microsoft Netlogon CVE-2020-1472
OS Attack: Microsoft Netlogon CVE-2020-1472 2
OS Attack: Microsoft Netlogon CVE-2020-1472 3

CVE-2020-1380

AV - Exp.CVE-2020-1380

IPS - Web Attack: Microsoft Internet Explorer CVE-2020-1380 

CVE-2020-1567

IPS - Web Attack: Internet Explorer Remote Code Execution

CVE-2020-1570 

IPS - Web Attack: Microsoft Internet Explorer CVE-2020-1570

CVE-2020-1587

AV - Exp.CVE-2020-1587

Symantec continues to monitor in the wild usage and/or coverage feasibility for the other announced vulnerabilities and may add additional coverage where required.

• July 2020

 For the July release Microsoft addressed 125 vulnerabilities.

Symantec has introduced the following product detections based on available information:

CVE-2020-1147

IPS - Web Attack: Microsoft .NET Framework CVE-2020-1147

CVE-2020-1403

IPS - Web Attack: Microsoft ActiveX Data Objects RCE CVE-2019-0888

CVE-2020-1410

IPS - Web Attack: Microsoft Windows Address Book CVE-2020-1410 Download

CVE-2020-1350

IPS - OS Attack: Microsoft DNS Server CVE-2020-1350

Symantec continues to monitor in the wild usage and/or coverage feasibility for the other announced vulnerabilities and may add additional coverage where required.

• Reference: 

AV Signatures:  https://www.broadcom.com/support/security-center/a-z

IPS Signatures: https://www.broadcom.com/support/security-center/attacksignatures

Symantec continues to monitor in the wild usage and/or coverage feasibility for the other announced vulnerabilities and may add additional coverage where required.