Possible detection issue with Deep Security Update 17-020 (CVE-2017-0171)

- Updated:
- 11 May 2017
- Product/Version:
- Deep Security 10.0
- Deep Security 9.0
- Deep Security 9.5
- Deep Security 9.6
- Platform:
- N/A N/A

Summary

Trend Micro is aware of a potential detection issue with Deep Security Update 17-020 (DSRU ID : 17-020). We are currently investigating the issue and will update this article with further details as they become available.

Details

Recommended Action

Trend Micro released an updated Deep Security rule DSRU 17-021 to mitigate the potential detection issue. Customers are advised to update to the latest Deep Security rule.

Temporary Workaround

If you are unable to update to the new rule, change the IPS rule's action to Detect Only mode:

Access the Deep Security Manager (DSM) web console.
Go to the Policies tab > Common Objects > Rules Intrusion Prevention Rules.
Search for the rule "1008332" and open its properties.
In the General tab, tick the Detect Only check box.
Click Apply and OK.

The procedure above should set the action for this rule to "Detect Only" once triggered.

Rating:

Category:

Troubleshoot

Solution Id:

1117377

Feedback

Did this article help you?

Thank you for your feedback!

What was the problem with this article?

The image(s) in the article did not display properly.

The article did not provide detailed procedure.

The article is hard to understand and follow.

The video did not play properly.

The article did not resolve my issue.

Others. Please specify.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

Thanks for voting.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.