Snort mailing list archives

Snort Subscriber Rules Update 2019-12-10


From: Research <research () sourcefire com>
Date: Tue, 10 Dec 2019 18:14:53 GMT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft
Corporation.

Details:
Microsoft Vulnerability CVE-2019-1458:
A coding deficiency exists in Microsoft Win32k that may lead to an
escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 52410 through 52411.

Microsoft Vulnerability CVE-2019-1469:
A coding deficiency exists in Microsoft Win32k that may lead to
information disclosure.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 52419 through 52420.

Microsoft Vulnerability CVE-2019-1485:
A coding deficiency exists in Microsoft Windows VBScript Engine that
may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 52402 through 52403.


Talos also has added and modified multiple rules in the browser-ie,
browser-webkit, file-office, file-other, malware-backdoor,
malware-tools, os-windows and server-webapp rule sets to provide
coverage for emerging threats from these technologies.


For a complete list of new and modified rules please see:

https://www.snort.org/advisories
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
