Snort mailing list archives
Snort Subscriber Rules Update 2016-12-13
From: Research <research () sourcefire com>
Date: Tue, 13 Dec 2016 19:49:42 GMT
Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft Corporation.

Details:

Microsoft Security Bulletin MS16-144:
Microsoft Internet Explorer suffers from programming errors that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 40940 through 40941, 40969 through 40970, 40975 through 40976, 40986 through 40989, and 40992 through 40993.

Microsoft Security Bulletin MS16-145:
Microsoft Edge suffers from programming errors that may lead to remote code execution.

Previously released rules will detect attacks targeting these vulnerabilities and have been updated with the appropriate reference information. They are also included in this release and are identified with GID 1, SIDs 36452 and 39242 through 39243.

New rules to detect attacks targeting these vulnerabilities are also included in this release and are identified with GID 1, SIDs 40946, 40949 through 40950, 40969 through 40976, and 40986 through 40987.

Microsoft Security Bulletin MS16-146:
A coding deficiency exists in Microsoft Graphics Component that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 40967 through 40968 and 40982 through 40983.

Microsoft Security Bulletin MS16-147:
A coding deficiency exists in Microsoft Uniscribe that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 40942 through 40943.

Microsoft Security Bulletin MS16-148:
A coding deficiency exists in Microsoft Office that may lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 40938 through 40939, 40944 through 40945, 40951 through 40952, 40957 through 40966, and 40977 through 40978.

Microsoft Security Bulletin MS16-149:
A coding deficiency exists in Microsoft Windows that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 40953 through 40956 and 40984 through 40985.

Microsoft Security Bulletin MS16-151:
A coding deficiency exists in a Microsoft Kernel-Mode driver that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 40947 through 40948 and 40990.

Microsoft Security Bulletin MS16-153:
A coding deficiency exists in Microsoft Common Log File System Driver that may lead to information disclosure.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 40936 through 40937.

Talos has also added and modified multiple rules in the browser-ie, file-executable, file-identify, file-office, file-other, file-pdf and os-windows rule sets to provide coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see:
https://www.snort.org/advisories