Exploit Prevention Content version update 13305 for Endpoint Security and Host Intrusion Prevention is now available.
This update was posted to the update repository on February 14, 2024.
Summary of this release:
- New Signature 6275: T1218.007 Fileless Threat: MSIEXEC.EXE Abuse For Proxy Execution Of Possibly Malicious Code
- New Signature 6276: DLL Sideloading Attempt By Microsoft .NET Framework Optimization Service
- New Signature 6277: T1218.010 Regsvr32.exe Abuse For Proxy Execution Of Possibly Malicious Code
For more information, see the Release Notes.