Snort mailing list archives
Snort Subscriber Rules Update 2019-01-08
From: Research <research () sourcefire com>
Date: Tue, 8 Jan 2019 19:02:01 GMT
Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft Corporation.

Details:

Microsoft Vulnerability CVE-2019-0539:
A coding deficiency exists in Microsoft Chakra Scripting Engine that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 48772 through 48773.

Microsoft Vulnerability CVE-2019-0541:
A coding deficiency exists in Microsoft Internet Explorer that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 48782 through 48783.

Microsoft Vulnerability CVE-2019-0543:
A coding deficiency exists in Microsoft Windows that may lead to elevation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 48807 through 48808.

Microsoft Vulnerability CVE-2019-0552:
A coding deficiency exists in Microsoft Windows COM that may lead to elevation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 48787 through 48788.

Microsoft Vulnerability CVE-2019-0555:
A coding deficiency exists in Microsoft XmlDocument that may lead to elevation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 48795 through 48798.

Microsoft Vulnerability CVE-2019-0565:
A coding deficiency exists in Microsoft Edge that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 48770 through 48771.

Microsoft Vulnerability CVE-2019-0566:
A coding deficiency exists in Microsoft Edge that may lead to elevation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 48809 through 48810.

Microsoft Vulnerability CVE-2019-0567:
A coding deficiency exists in Microsoft Chakra Scripting Engine that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 48780 through 48781.

Microsoft Vulnerability CVE-2019-0568:
A coding deficiency exists in Microsoft Chakra Scripting Engine that may lead to remote code execution.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 48778 through 48779.

Microsoft Vulnerability CVE-2019-0569:
A coding deficiency exists in Microsoft Windows Kernel that may lead to information disclosure.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 48789 through 48790.

Microsoft Vulnerability CVE-2019-0572:
A coding deficiency exists in Microsoft Windows Data Sharing Service that may lead to elevation of privilege.
A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 1, SID 48776 and 48777.

Microsoft Vulnerability CVE-2019-0573:
A coding deficiency exists in Microsoft Windows Data Sharing Service that may lead to elevation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 48793 through 48794.

Microsoft Vulnerability CVE-2019-0574:
A coding deficiency exists in Microsoft Windows Data Sharing Service that may lead to elevation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with GID 1, SIDs 48768 through 48769.

Talos also has added and modified multiple rules in the browser-ie, file-executable, file-other, file-pdf, malware-cnc, malware-other, os-windows and server-webapp rule sets to provide coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see:
https://www.snort.org/advisories
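Added example, not part of the Talos advisory or of Snort's own tooling: a Python check that parses the CVE-to-SID wording used above (ranges written "through", pairs written "and") and reports whether each advertised SID is enabled, disabled or missing in a local rules file. The advisory excerpt is abbreviated, the rules text is constructed with placeholder rule bodies, and the function names are hypothetical.

```python
import re

# Constructed input 1: three entries in this advisory's wording (abbreviated).
ADVISORY = """\
Microsoft Vulnerability CVE-2019-0539: A coding deficiency exists in Microsoft
Chakra Scripting Engine ... are identified with GID 1, SIDs 48772
through 48773.
Microsoft Vulnerability CVE-2019-0555: ... identified with GID 1, SIDs 48795 through 48798.
Microsoft Vulnerability CVE-2019-0572: ... identified with GID 1, SID 48776 and 48777.
"""
# Constructed input 2: local rules; bodies are placeholders, "# alert" = disabled.
_R = 'alert tcp any any -> any any (msg:"PLACEHOLDER"; sid:%d; rev:1;)'
RULES = "\n".join([_R % 48772, "# " + _R % 48773, _R % 48795, _R % 48796,
                   _R % 48797, _R % 48776, "# " + _R % 48777])

ENTRY = re.compile(r"Microsoft\s+Vulnerability\s+(CVE-\d{4}-\d+):(.*?)"
                   r"(?=Microsoft\s+Vulnerability\s+CVE-|\Z)", re.S)
SIDS = re.compile(r"GID\s+(\d+),\s+SIDs?\s+(\d+)(?:\s+(through|and)\s+(\d+))?")

def advisory_sids(text):
    """Map each CVE to the (gid, sid) pairs the advisory names for it."""
    out = {}
    for cve, body in ENTRY.findall(text):
        m = SIDS.search(body)
        if m:
            gid, first, joiner, last = m.groups()
            if joiner == "through":          # inclusive range
                sids = range(int(first), int(last) + 1)
            else:                            # "N and M", or a single SID
                sids = [int(first)] + ([int(last)] if last else [])
            out[cve] = [(int(gid), s) for s in sids]
    return out

def rule_states(rules_text):
    """Index a rules file by (gid, sid); text rules without gid: use GID 1."""
    states = {}
    for line in rules_text.splitlines():
        sid = re.search(r"\bsid\s*:\s*(\d+)\s*;", line)
        if sid:
            gid = re.search(r"\bgid\s*:\s*(\d+)\s*;", line)
            key = (int(gid.group(1)) if gid else 1, int(sid.group(1)))
            states[key] = "disabled" if line.lstrip().startswith("#") else "enabled"
    return states

def coverage(advisory_text, rules_text):
    """Per CVE, report each advertised SID as enabled, disabled or missing."""
    states = rule_states(rules_text)
    return {cve: {sid: states.get((gid, sid), "missing") for gid, sid in ids}
            for cve, ids in advisory_sids(advisory_text).items()}
```

Run `coverage()` against the full advisory text and the deployed rules file after each update; any SID reported as disabled or missing is a CVE the sensor is not alerting on.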