This document describes current Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.
Note: This article will update monthly according to the bulletin release schedule.
For the December release Microsoft addressed 58 vulnerabilities.
At this time, Symantec is still in the process of investigating potential signatures based on the available information. Further updates will be made when they become available.
For the November release Microsoft addressed 112 vulnerabilities.
Symantec has introduced the following product detections based on available information:
CVE-2020-17087
AV - Exp.CVE-2020-17087
CVE-2020-17088
AV - Exp.CVE-2020-17088
CVE-2020-17053
IPS - Web Attack: Microsoft Internet Explorer CVE-2020-17053
Symantec continues to monitor in the wild usage and/or coverage feasibility for the other announced vulnerabilities and may add additional coverage where required.
For the October release Microsoft addressed 87 vulnerabilities.
Symantec has introduced the following product detections based on available information:
CVE-2020-16898
AV - Exp.CVE-2020-16898
Symantec continues to monitor in the wild usage and/or coverage feasibility for the other announced vulnerabilities and may add additional coverage where required.
For the August release Microsoft addressed 129 vulnerabilities.
Symantec has introduced the following product detections based on available information:
CVE-2020-0664
IPS - Attack: Microsoft Active Directory CVE-2020-0664
Symantec continues to monitor in the wild usage and/or coverage feasibility for the other announced vulnerabilities and may add additional coverage where required.
For the August release Microsoft addressed 120 vulnerabilities.
Symantec has introduced the following product detections based on available information:
AV: Exp.CVE-2020-1472
IPS:
OS Attack: Microsoft Netlogon CVE-2020-1472
OS Attack: Microsoft Netlogon CVE-2020-1472 2
OS Attack: Microsoft Netlogon CVE-2020-1472 3
AV - Exp.CVE-2020-1380
IPS - Web Attack: Microsoft Internet Explorer CVE-2020-1380
CVE-2020-1567
IPS - Web Attack: Internet Explorer Remote Code Execution
CVE-2020-1570
IPS - Web Attack: Microsoft Internet Explorer CVE-2020-1570
CVE-2020-1587
AV - Exp.CVE-2020-1587
Symantec continues to monitor in the wild usage and/or coverage feasibility for the other announced vulnerabilities and may add additional coverage where required.
For the July release Microsoft addressed 125 vulnerabilities.
Symantec has introduced the following product detections based on available information:
CVE-2020-1147
IPS - Web Attack: Microsoft .NET Framework CVE-2020-1147
CVE-2020-1403
IPS - Web Attack: Microsoft ActiveX Data Objects RCE CVE-2019-0888
CVE-2020-1410
IPS - Web Attack: Microsoft Windows Address Book CVE-2020-1410 Download
CVE-2020-1350
IPS - OS Attack: Microsoft DNS Server CVE-2020-1350
Symantec continues to monitor in the wild usage and/or coverage feasibility for the other announced vulnerabilities and may add additional coverage where required.
AV Signatures: https://www.broadcom.com/support/security-center/a-z
IPS Signatures: https://www.broadcom.com/support/security-center/attacksignatures
Symantec continues to monitor in the wild usage and/or coverage feasibility for the other announced vulnerabilities and may add additional coverage where required.
Please inquire with your Support agent for more information.