RELEASE NOTES FOR UPDATE PACKAGE 1201-5242

RELEASE DATE:    Wednesday November 13, 2019
MD5 CHECKSUM:    5a5b646d2216670e596bfefc48bda2a3
SHA1 CHECKSUM:    d8a6c4918dc95b085b28a4aafe7dccfe8328ac4d
SHA256 CHECKSUM:    626011c8305f81879206c39ef39b51e2738b39f92d86349a2bb63763eb7e5053

UPDATE CRITICALITY:    HIGH

MINIMUM SOFTWARE VERSIONS
- Forcepoint NGFW Security Management Center:    5.10.1.10027
- Forcepoint NGFW:    5.5.1.9848

This update package improves the detection capabilities of the Forcepoint NGFW system.

List of detected attacks in this update package:
Risk levelDescriptionReferenceVulnerability
High     An attempt to exploit a vulnerability in Internet Explorer detected     CVE-2019-1429     Internet_Explorer_Use_After_Free_Vulnerability_CVE-2019-1429
High     An attempt to exploit a vulnerability in Internet Explorer detected     CVE-2019-1390     Internet_Explorer_Use_After_Free_Vulnerability_CVE-2019-1390

Detected Attacks
Other Changes

DETECTED ATTACKS

NEW DETECTED ATTACKS:

Text File Stream

RiskVulnerability/SituationReferencesRelated FingerprintSituation Type
High Internet_Explorer_Use_After_Free_Vulnerability_CVE-2019-1429 CVE-2019-1429 File-Text_Internet_Explorer_Use_After_Free_Vulnerability_CVE-2019-1429 Suspected Compromise
High Internet_Explorer_Use_After_Free_Vulnerability_CVE-2019-1390 CVE-2019-1390 File-Text_Internet_Explorer_Use_After_Free_Vulnerability_CVE-2019-1390 Suspected Compromise

LIST OF OTHER CHANGES

NEW OBJECTS:
TypeName
CategoryMS2019-11
UPDATED OBJECTS:
TypeNameChanges
IPListTOR relay nodes IP Address List
IPListWhatsapp
IPListAmazon EC2
IPListAkamai Servers
IPListAmazon S3
IPListAmazon AMAZON

ACTIVATING THE UPDATE PACKAGE

1.    Ensure that the SHA256 checksum of the update package are correct.
2.    Open Admin Tools in the SMC GUI client.
3.    Right-click on the Updates folder and select "Import Update Packages".
4.    Right-click on the imported package and select Activate.
5.    Reinstall the system policy to take the changes into use. Custom policies may require manual updating.

DISCLAIMER AND COPYRIGHT

The information in this document is provided only for educational purposes and for the convenience of Forcepoint customers. The information contained herein is subject to change without notice, and is provided "AS IS" without guarantee or warranty as to the accuracy or applicability of the information to any specific situation, circumstance, or system configuration - use at your own risk. Forcepoint does not warrant or endorse any third-party products described herein. Forcepoint™ is a trademark of Forcepoint, LLC. SureView®, ThreatSeeker®, Triton®, Sidewinder®, and Stonesoft® are registered trademarks of Forcepoint, LLC. Raytheon® is a registered trademark of Raytheon Company. All other trademarks and registered trademarks are the property of their respective owners. Copyright © 2000-2019 Forcepoint LLC. All rights reserved.