Snort Subscriber Rules Update 2015-09-08

[Research <research () sourcefire com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft
Corporation.

Details:
Microsoft Security Bulletin MS15-094:
Microsoft Internet Explorer suffers from programming errors that may
lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 35955 through 35960,
35963 through 35972, 35975 through 35976, 35990 through 35993, 35998
through 35999, 36004 through 36009, and 36018 through 36021.

Microsoft Security Bulletin MS15-095:
A coding deficiency exists in Microsoft Edge that may lead to remote
code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 35963 through 35966.

Microsoft Security Bulletin MS15-097:
A coding deficiency exists in a Microsoft Graphics Component that may
lead to remote code execution.

Previously released rules will detect attacks targeting this
vulnerability and have been updated with the appropriate reference
information. They are included in this release and are identified with
GID 1, SIDs 33765 through 33766 and 35719 through 35720.

New rules to detect attacks targeting these vulnerabilities are also
included in this release and are identified with GID 1, SIDs 35973
through 35974, 35984 through 35989, 35994 through 35995, and 36016
through 36017.

Microsoft Security Bulletin MS15-098:
A coding deficiency exists in Microsoft Windows Journal that may lead
to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 35961 through 35962.

Microsoft Security Bulletin MS15-099:
A coding deficiency exists in Microsoft Office that may lead to remote
code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 35996 through 35997
and 36000 through 36003.

Microsoft Security Bulletin MS15-100:
A coding deficiency exists in Microsoft Windows Media Center that may
lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 35982 through 35983.

Microsoft Security Bulletin MS15-101:
A coding deficiency exists in the Microsoft .NET Framework that may
lead to escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 36014 through 36015.

Microsoft Security Bulletin MS15-102:
A coding deficiency exists in Microsoft Task Management that may lead
to escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 35977 through 35978
and 36010 through 36013.

Talos has also added and modified multiple rules in the app-detect,
browser-ie, file-executable, file-flash, file-identify, file-office,
file-other, malware-other and server-mail rule sets to provide coverage
for emerging threats from these technologies.


For a complete list of new and modified rules please see:

https://www.snort.org/advisories
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFV7zDos9U0LCYEKaARAl3LAKCPtJjRCeJ52cFr9KODk2f5UbIhDACfbfvm
yDp1Od52sg0PdVuD9goHApw=
=CMGp
-----END PGP SIGNATURE-----


------------------------------------------------------------------------------
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!