The following Trellix Intrusion Prevention System (IPS) Signature Set has been released and is now available:
NOTES:
- Enable Microsoft Office Deep File Inspection (DFI) in the IPS Policy Inspection Options for 'HTTP: Microsoft Office Remote Code Execution Vulnerability (CVE-2023-36884) (0x452d8200)'.
- Customers on IPS 9.x can use the GTI feature to detect the exploits corresponding to CVE-2023-36884. The DFI feature is not supported on Sensor 9.x.
For updated Signature Set information, see the following Knowledge Base articles:
NOTE: These articles are available only to logged in ServicePortal users. To view the articles, click the link and log in when prompted.
Signature Set releases are available from the
Product Downloads site.
