Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Understanding the Apex One Vulnerability Protection (VP) Rules

    • Updated:
    • 10 Apr 2020
    • Product/Version:
    • Apex Central All
    • Apex One All
    • Apex One as a Service
    • Vulnerability Protection All
    • Platform:
    • N/A
Summary

The following article presents how Apex One Vulnerability Protection (VP) uses a multi-layer protection approach in blocking modern vulnerabilities.

Details
Public

Apex One Vulnerability Protection has been designed to be a simplified solution for new and emerging vulnerabilities by minimizing administration and deployment efforts.

The predefined rules in Apex One Vulnerability Protection have been fine-tuned and reviewed in our labs to work together with other Apex One features to have maximized protection from these threats.

Examples:

NameCVE DescriptionApex One VP
CVE-2020-0674: Scripting Engine Memory Corruption VulnerabilityThis is a known browser vulnerability and is treated as “in the wild”.There would be no need to create a rule for this vulnerability due to the following reason that the Vulnerability is covered by Browser Exploit Solution which is a component of Web Reputation. Browser Exploit Solution is a heuristic engine that detects browser vulnerabilities which are found “in the wild”.
CVE-2017-8759: .NET Framework Remote Code Execution VulnerabilityThis is a vulnerability that would involve a drive by download by opening a malicious file or application for browser preview or user time of click.This would not need to be covered by Apex One Vulnerability Protection as this should be detected by the Advanced Threat Scan Engine which is part of Real-time Scan. The action taken to this vulnerability would depend on the setting set by administrators.
CVE-2020-0601: Microsoft Windows CryptoAPI Spoofing VulnerabilityThis is a vulnerability where an attacker could exploit a vulnerability using a spoofed certificate to sign a malicious executable to make it look legitimate. This can then be used to conduct man in the middle attacks.A rule has been created on this since there is an available Proof of Concept. This would then cause the vulnerability to be easily exploited.

In summary, Apex One Vulnerability Protection is part of the multi-layer approach of the Apex One agent including Machine Learning, Behavior Monitoring, Browser Exploit Solution, Web Reputation and Real-time Scan, therefore providing the most effective technology and rules to maximize endpoint protection.

Premium
Internal
Partner
Rating:
Category:
SPEC
Solution Id:
000249795
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.