Snort mailing list archives
Snort Subscriber Rules Update 2016-10-11
From: Research <research () sourcefire com>
Date: Tue, 11 Oct 2016 19:18:11 GMT
Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft Corporation.

Details:

Microsoft Security Bulletin MS16-118:
Microsoft Internet Explorer suffers from programming errors that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 40364 through 40365, 40372 through 40375, 40378 through 40379, 40385 through 40386, 40396 through 40397, and 40420 through 40421.

Microsoft Security Bulletin MS16-119:
A coding deficiency exists in Microsoft Edge that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 40366 through 40367, 40370 through 40371, 40383 through 40384, 40404 through 40405, 40420 through 40421, and 40423 through 40424.

Microsoft Security Bulletin MS16-120:
A coding deficiency exists in Microsoft Graphics Component that may lead to remote code execution.

Previously released rules will detect attacks targeting these vulnerabilities and have been updated with the appropriate reference information. They are also included in this release and are identified with GID 1, SIDs 39824 through 39825.

New rules to detect attacks targeting these vulnerabilities are also included in this release and are identified with GID 1, SIDs 40408 through 40411 and 40425 through 40428.

Microsoft Security Bulletin MS16-121:
A coding deficiency exists in Microsoft Office that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 40368 through 40369.

Microsoft Security Bulletin MS16-123:
A coding deficiency exists in a Microsoft Kernel mode driver that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 40376 through 40377, 40380 through 40381, 40392 through 40393, and 40418 through 40419.

Microsoft Security Bulletin MS16-124:
A coding deficiency exists in a Microsoft Windows Registry that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 40394 through 40395, 40400 through 40403, and 40412 through 40413.

Microsoft Security Bulletin MS16-125:
A coding deficiency exists in a Microsoft Diagnostic Hub that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 40398 through 40399.

Microsoft Security Bulletin MS16-126:
Microsoft Internet Explorer suffers from programming errors that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 40364 through 40365.

Talos also has added and modified multiple rules in the browser-firefox, browser-ie, browser-other, browser-plugins, deleted, exploit-kit, file-flash, file-identify, file-office, file-other, file-pdf, indicator-compromise, malware-cnc, os-windows, protocol-dns, protocol-ftp, server-apache and server-webapp rule sets to provide coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see:
https://www.snort.org/advisories