Snort mailing list archives
Snort Subscriber Rules Update 2015-09-08
From: Research <research () sourcefire com>
Date: Tue, 8 Sep 2015 19:03:04 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Talos Snort Subscriber Rules Update Synopsis: Talos is aware of vulnerabilities affecting products from Microsoft Corporation. Details: Microsoft Security Bulletin MS15-094: Microsoft Internet Explorer suffers from programming errors that may lead to remote code execution. Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 35955 through 35960, 35963 through 35972, 35975 through 35976, 35990 through 35993, 35998 through 35999, 36004 through 36009, and 36018 through 36021. Microsoft Security Bulletin MS15-095: A coding deficiency exists in Microsoft Edge that may lead to remote code execution. Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 35963 through 35966. Microsoft Security Bulletin MS15-097: A coding deficiency exists in a Microsoft Graphics Component that may lead to remote code execution. Previously released rules will detect attacks targeting this vulnerability and have been updated with the appropriate reference information. They are included in this release and are identified with GID 1, SIDs 33765 through 33766 and 35719 through 35720. New rules to detect attacks targeting these vulnerabilities are also included in this release and are identified with GID 1, SIDs 35973 through 35974, 35984 through 35989, 35994 through 35995, and 36016 through 36017. Microsoft Security Bulletin MS15-098: A coding deficiency exists in Microsoft Windows Journal that may lead to remote code execution. Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 35961 through 35962. Microsoft Security Bulletin MS15-099: A coding deficiency exists in Microsoft Office that may lead to remote code execution. Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 35996 through 35997 and 36000 through 36003. Microsoft Security Bulletin MS15-100: A coding deficiency exists in Microsoft Windows Media Center that may lead to remote code execution. Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 35982 through 35983. Microsoft Security Bulletin MS15-101: A coding deficiency exists in the Microsoft .NET Framework that may lead to escalation of privilege. Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 36014 through 36015. Microsoft Security Bulletin MS15-102: A coding deficiency exists in Microsoft Task Management that may lead to escalation of privilege. Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 35977 through 35978 and 36010 through 36013. Talos has also added and modified multiple rules in the app-detect, browser-ie, file-executable, file-flash, file-identify, file-office, file-other, malware-other and server-mail rule sets to provide coverage for emerging threats from these technologies. For a complete list of new and modified rules please see: https://www.snort.org/advisories -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFV7zDos9U0LCYEKaARAl3LAKCPtJjRCeJ52cFr9KODk2f5UbIhDACfbfvm yDp1Od52sg0PdVuD9goHApw= =CMGp -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Snort Subscriber Rules Update 2015-09-08 Research (Sep 08)