alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET POLICY Office Document Download Containing AutoExec? Macro"; flow:established,to_client; file_data; content:"A|00|u|00|t|00|o|00|E|00|x|00|e|00|c"; nocase; fast_pattern; reference:url,support.microsoft.com/kb/286310; classtype:policy-violation; sid:2019614; rev:3; metadata:created_at 2014_10_31, updated_at 2019_10_07;)

Added 2019-10-08 19:34:14 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET POLICY Office Document Download Containing AutoExec? Macro"; flow:established,to_client; file_data; content:"A|00|u|00|t|00|o|00|E|00|x|00|e|00|c"; nocase; fast_pattern:only; reference:url,support.microsoft.com/kb/286310; classtype:policy-violation; sid:2019614; rev:2; metadata:created_at 2014_10_31, updated_at 2014_10_31;)

Added 2018-09-13 19:49:42 UTC


Added 2018-09-13 17:59:14 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET POLICY Office Document Download Containing AutoExec? Macro"; flow:established,to_client; file_data; content:"A|00|u|00|t|00|o|00|E|00|x|00|e|00|c"; nocase; fast_pattern:only; reference:url,support.microsoft.com/kb/286310; classtype:policy-violation; sid:2019614; rev:2; metadata:created_at 2014_10_31, updated_at 2014_10_31;)

Added 2017-08-07 21:13:54 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET POLICY Office Document Download Containing AutoExec? Macro"; flow:established,to_client; file_data; content:"A|00|u|00|t|00|o|00|E|00|x|00|e|00|c"; nocase; fast_pattern:only; reference:url,support.microsoft.com/kb/286310; classtype:policy-violation; sid:2019614; rev:2;)

Added 2014-10-31 16:13:15 UTC


Topic revision: r1 - 2019-10-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats