Merge pull request #11648 from Kisbogyi/WebpCheckFix

Fix boolean check in PossibleWebpBufferOverflow rule

Solutions/Cisco Meraki Events via REST API/ReleaseNotes.md

@@ -1,5 +1,5 @@
 | **Version** | **Date Modified (DD-MM-YYYY)** | **Change History**                                                 |
 |-------------|--------------------------------|--------------------------------------------------------------------|
-| 3.0.2       | 10-01-2025                     | Preview tag removed from **Data Connector**. Making connector Global     |
+| 3.0.2       | 10-01-2025                     | Transitioned the **CCP Connector** to General Availability (GA).    |
 | 3.0.1       | 30-09-2024                     | Cisco Meraki via REST API configuration Changes pagination fix     |
-| 3.0.0       | 27-12-2023                     | Added Solution with CCP connector                                  |
+| 3.0.0       | 27-12-2023                     | Initial Solution Release with new addition of **CCP Connector**                                  |

Solutions/Microsoft Defender XDR/Analytic Rules/PossibleWebpBufferOverflow.yaml

@@ -29,7 +29,7 @@ query: |-
       | where CveId == "CVE-2023-4863"
       | distinct DeviceId;
   union DeviceProcessEvents, DeviceNetworkEvents, DeviceEvents
-  | where DeviceId in (VulnDevices) and InitiatingProcessCommandLine has(".webp") or ProcessCommandLine has(".webp")
+  | where DeviceId in (VulnDevices) and (InitiatingProcessCommandLine has(".webp") or ProcessCommandLine has(".webp"))
   | extend Name = tostring(split(AccountUpn, "@")[0]), UPNSuffix = tostring(split(AccountUpn, "@")[1])
   | extend HostName = tostring(split(DeviceName, ".")[0]), DomainIndex = toint(indexof(DeviceName, '.'))
   | extend HostNameDomain = iff(DomainIndex != -1, substring(DeviceName, DomainIndex + 1), DeviceName)
@@ -84,4 +84,4 @@ alertDetailsOverride:
   alertDynamicProperties: []
 eventGroupingSettings:
   aggregationKind: SingleAlert
-version: 1.1.1
+version: 1.1.2