Snort mailing list archives
Snort Subscriber Rules Update 2016-05-10
From: Research <research () sourcefire com>
Date: Tue, 10 May 2016 18:19:37 GMT
Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft Corporation.

Details:
Microsoft Security Bulletin MS16-051:
Microsoft Internet Explorer suffers from programming errors that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38763 through 38764, 38780 through 38781, 38828 through 38829, and 38841 through 38842.

Microsoft Security Bulletin MS16-052:
A coding deficiency exists in Microsoft Edge that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38776 through 38777 and 38805 through 38806.

Microsoft Security Bulletin MS16-053:
A coding deficiency exists in Microsoft JScript and VBScript that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38828 through 38829.

Microsoft Security Bulletin MS16-054:
A coding deficiency exists in Microsoft Office that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38782 through 38783 and 38785 through 38786.

Microsoft Security Bulletin MS16-055:
A coding deficiency exists in Microsoft Graphics Component that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38768 through 38773, 38797 through 38798, and 38816 through 38817.

Microsoft Security Bulletin MS16-056:
A coding deficiency exists in Microsoft Windows Journal that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38810 through 38815.

Microsoft Security Bulletin MS16-059:
A coding deficiency exists in Microsoft Windows Media Center that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38778 through 38779.

Microsoft Security Bulletin MS16-060:
A coding deficiency exists in the Microsoft Kernel that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38803 through 38804.

Microsoft Security Bulletin MS16-061:
A coding deficiency exists in Microsoft RPC that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38839 through 38840.

Microsoft Security Bulletin MS16-062:
A coding deficiency exists in Microsoft Kernel-Mode drivers that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38759 through 38762, 38765 through 38766, 38774 through 38775, 38787 through 38788, 38801 through 38802, and 38808 through 38809.

Talos has added and modified multiple rules in the browser-ie, exploit-kit, file-flash, file-image, file-office, file-other, file-pdf, indicator-compromise, malware-cnc, os-windows, policy-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.

For a complete list of new and modified rules, please see:
https://www.snort.org/advisories