Snort mailing list archives
Snort Subscriber Rules Update 2022-04-12
From: Research <research () sourcefire com>
Date: Tue, 12 Apr 2022 19:58:41 GMT
Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft Corporation.

Details:

Microsoft Vulnerability CVE-2022-24474:
A coding deficiency exists in Microsoft Win32k that may lead to an escalation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 59497 through 59498.

Microsoft Vulnerability CVE-2022-24481:
A coding deficiency exists in Microsoft Windows Common Log File System driver that may lead to an escalation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 59521 through 59522.

Microsoft Vulnerability CVE-2022-24491:
A coding deficiency exists in Microsoft Windows Network File System that may lead to remote code execution.
A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 1, SID 59534 through 59535.

Microsoft Vulnerability CVE-2022-24497:
A coding deficiency exists in Microsoft Windows Network File System that may lead to remote code execution.
A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 1, SID 59533.

Microsoft Vulnerability CVE-2022-24521:
A coding deficiency exists in Microsoft Windows Common Log File System driver that may lead to an escalation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 59523 through 59524.

Microsoft Vulnerability CVE-2022-24542:
A coding deficiency exists in Microsoft Win32k that may lead to an escalation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 59525 through 59526.

Microsoft Vulnerability CVE-2022-24546:
A coding deficiency exists in Microsoft DWM Core Library that may lead to an escalation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 59529 through 59530.

Microsoft Vulnerability CVE-2022-24547:
A coding deficiency exists in Microsoft Windows Digital Media Receiver that may lead to an escalation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 59531 through 59532.

Microsoft Vulnerability CVE-2022-26904:
A coding deficiency exists in Microsoft Windows User Profile Service that may lead to an escalation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 59511 through 59512.

Microsoft Vulnerability CVE-2022-26914:
A coding deficiency exists in Microsoft Win32k that may lead to an escalation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 59519 through 59520.

Talos also has added and modified multiple rules in the file-image, file-other, malware-cnc, os-windows, protocol-ftp, protocol-other, protocol-scada, pua-other, server-apache and server-webapp rule sets to provide coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see:

https://www.snort.org/advisories