Exploit Prevention Content version update 13535 for Endpoint Security and Host Intrusion Prevention (Host IPS) is now available.
This update was posted to the update repository on October 9, 2024.
Summary of the Release
- New Signature 6238: T1112 - AMSI Bypass - Registry Modification (applicable on Host IPS only)
- New Signature 6240: Suspicious DLL Loading by calc (applicable on Host IPS only)
- New Signature 6261: MOVEit Transfer SQLi Vulnerability (applicable on Host IPS only)
- Bug fixes and improvements of existing Exploit Prevention signatures
For more information, see the Release Notes.