Snort mailing list archives
Snort Subscriber Rules Update 2020-07-14
From: Research <research () sourcefire com>
Date: Tue, 14 Jul 2020 17:49:01 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Talos Snort Subscriber Rules Update Synopsis: Talos is aware of vulnerabilities affecting products from Microsoft Corporation. Details: Microsoft Vulnerability CVE-2020-1147: A coding deficiency exists in .NET Framework, SharePoint Server, and Visual Studio that may lead to remote code execution. A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 1, SID 54511. Microsoft Vulnerability CVE-2020-1350: A coding deficiency exists in Microsoft Windows DNS server that may lead to remote code execution. A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 1, SID 54518. Microsoft Vulnerability CVE-2020-1374: A coding deficiency exists in Remote Desktop Client that may lead to remote code execution. A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 1, SID 54523. Microsoft Vulnerability CVE-2020-1381: A coding deficiency exists in Microsoft Windows Graphics Component that may lead to an escalation of privilege. Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 54521 through 54522. Microsoft Vulnerability CVE-2020-1382: A coding deficiency exists in Microsoft Windows Graphics Component that may lead to an escalation of privilege. Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 54512 through 54515. Microsoft Vulnerability CVE-2020-1399: A coding deficiency exists in Microsoft Windows Runtime that may lead to an escalation of privilege. Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 54534 through 54535. Microsoft Vulnerability CVE-2020-1403: A coding deficiency exists in Microsoft Windows VBScript that may lead to remote code execution. Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 54509 through 54510. Microsoft Vulnerability CVE-2020-1410: A coding deficiency exists in Microsoft Windows Address Book that may lead to remote code execution. Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 54528 through 54533. Microsoft Vulnerability CVE-2020-1426: A coding deficiency exists in Microsoft Windows Kernel that may lead to information disclosure. Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 54516 through 54517. Talos also has added and modified multiple rules in the browser-chrome, browser-ie, file-executable, file-other, malware-cnc, malware-other, os-other, os-windows and server-webapp rule sets to provide coverage for emerging threats from these technologies. For a complete list of new and modified rules please see: https://www.snort.org/advisories -----BEGIN PGP SIGNATURE----- iQIcBAEBAgAGBQJfDfAMAAoJEPE/nha8pb+t0hcQAJUcEERirpsiHUPhpywSKWTR 7EnFSqO2NkIPeJ4/ry1oLoBboI/YZVsEZ5st7WniNdqEimi/gG4ooBd52NcfDMG4 lVoQGg/YgG03YQ0+lL6UJPNF7f0zL+mo93PgukPPmJnC7ukFXVDhn6XE15ChRtr4 svXlmLcgWE/qvsyDIYeu6aSEql8hTt156KZQ1bfAy/Fmgrdw8P+1bPOvVYlEDt81 yo+1gWysEdUEYIinL/PUQT3FalE3m0pdJIzMeO9lZCTgoSDfZsREIlYFuHmLFxMw EKRgUoeSW8Lgj3oCTH8hNKRc2m8+RCPRCIiD4MWldQn2pfUu8TRjE3Mt255PyTQc V4KNWJLh/GqW4feLyQfWt1MLi8CIhdcz9fWBYGhvrDKn1RPPtd8W0c9ig/n/0a9X 8xlxPWn7Z+/JjchdYeESeJtK4ZgWRfxdngKPR7Bjc+xZLzX9YyKiDwo7mxhkUeFI FyFzxNrY0dJZSLDcE3jwu9hoFLtUQW1bGU8bnjfNf7LJn3KJmHsTzQcihvcvnZDx ZqxvXMvmMCNl8Xr0CORkifKz8O7QXU6GA+BgJRaZ1Z4TIhtCRZcVDsY0C9cxVJjC Zxk7ua5Q27rrT079NcHaVW3LgqRPH3K5u5H2JlFGOQOQW4iABpOyTyNOkBqNH/aZ EDsVY/rvXxsKoNZX+BR/ =aDxw -----END PGP SIGNATURE----- _______________________________________________ Snort-sigs mailing list Snort-sigs () lists snort org https://lists.snort.org/mailman/listinfo/snort-sigs Please visit http://blog.snort.org for the latest news about Snort! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!
Current thread:
- Snort Subscriber Rules Update 2020-07-14 Research (Jul 14)