Snort mailing list archives
Snort Subscriber Rules Update 2016-03-08
From: Research <research () sourcefire com>
Date: Tue, 8 Mar 2016 18:27:40 GMT
Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft Corporation.

Details:

Microsoft Security Bulletin MS16-023:
Microsoft Internet Explorer suffers from programming errors that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38065 through 38070, 38081 through 38082, 38085 through 38086, 38088 through 38091, 38094 through 38099, 38108 through 38109, 38112 through 38113, 38117 through 38118, and 38122 through 38123.

Microsoft Security Bulletin MS16-024:
A coding deficiency exists in Microsoft Edge that may lead to remote code execution.

Previously released rules will detect attacks targeting this vulnerability and have been updated with the appropriate reference information. They are included in this release and are identified with GID 1, SIDs 37279 through 37280.

New rules to detect attacks targeting these vulnerabilities are also included in this release and are identified with GID 1, SIDs 38106 through 38107.

Microsoft Security Bulletin MS16-026:
A coding deficiency exists in Microsoft Graphic Fonts that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38063 through 38064.

Microsoft Security Bulletin MS16-027:
A coding deficiency exists in Microsoft Windows Media Player that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38079 through 38080 and 38124 through 38125.

Microsoft Security Bulletin MS16-028:
A coding deficiency exists in Microsoft Windows PDF Library that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38073 through 38078.

Microsoft Security Bulletin MS16-029:
A coding deficiency exists in Microsoft Office that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38100 through 38101 and 38126 through 38129.

Microsoft Security Bulletin MS16-030:
A coding deficiency exists in Microsoft Windows OLE that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38110 through 38111.

Microsoft Security Bulletin MS16-031:
A coding deficiency exists in Microsoft Windows that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38092 through 38093.

Microsoft Security Bulletin MS16-032:
A coding deficiency exists in Microsoft Secondary Logon that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38114 through 38115.

Microsoft Security Bulletin MS16-034:
A coding deficiency exists in Microsoft Kernel Mode Drivers that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 38061 through 38062, 38071 through 38072, 38083 through 38084, and 38119 through 38120.

Talos also has added and modified multiple rules in the browser-ie, exploit-kit, file-multimedia, file-office, file-other, indicator-obfuscation, malware-cnc and server-webapp rule sets to provide coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see:
https://www.snort.org/advisories