Snort mailing list archives
Sourcefire VRT Certified Snort Rules Update 2011-11-07
From: Research <research () sourcefire com>
Date: Mon, 7 Nov 2011 15:21:55 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sourcefire VRT Certified Snort Rules Update Synopsis: The Sourcefire VRT is aware of a vulnerability affecting hosts using the Microsoft Windows operating system. Details: Microsoft Security Advisory (2639658): The Microsoft Windows TrueType font parsing engine contains a vulnerability that may allow a remote attacker to execute code on an affected system. A succesful exploitation of this vulnerability may allow the attacker to execute code in kernel mode. This vulnerability is also related to the Duqu malware. A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 3, SID 20539. For a complete list of new and modified rules please see: http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2011-11-07.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFOuD3jaBoqZBVJfwMRAijNAJ4yOFdL/V2CFglhG9RPvXNFedh5aQCfTTA/ gHwQDTqtv4MaT4dFBeKy3r0= =ARH6 -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ RSA(R) Conference 2012 Save $700 by Nov 18 Register now http://p.sf.net/sfu/rsa-sfdev2dev1 _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Sourcefire VRT Certified Snort Rules Update 2011-11-07 Research (Nov 07)