Exploit Prevention Content version update 13123 for Endpoint Security (ENS) and Host Intrusion Prevention (Host IPS) is now available.
This update was posted to the update repository on October 11, 2023.
Summary of this release:
- New signature 6266: T1562 - AMSI Bypass - AmsiScanString Memory Patch (applicable on both ENS and Host IPS)
- New signature 6267: T1036 - Masquerading PowerShell via PEB (applicable on both ENS and Host IPS)
For more information, see the Release Notes.