Snort mailing list archives
Snort Subscriber Rules Update 2024-01-09
From: Research <research () sourcefire com>
Date: Tue, 9 Jan 2024 18:38:35 GMT
Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft Corporation.

Details:
Microsoft Vulnerability CVE-2024-20653:
A coding deficiency exists in Microsoft Common Log File System that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort 2: GID 1, SIDs 62854 through 62859, Snort 3: GID 1, SIDs 300799 through 300801.

Microsoft Vulnerability CVE-2024-20683:
A coding deficiency exists in Microsoft Win32k that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort 2: GID 1, SIDs 62847 through 62848, Snort 3: GID 1, SID 300797.

Microsoft Vulnerability CVE-2024-20698:
A coding deficiency exists in Microsoft Windows Kernel that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort 2: GID 1, SIDs 62849 through 62850, Snort 3: GID 1, SID 300798.

Microsoft Vulnerability CVE-2024-21310:
A coding deficiency exists in Microsoft Windows Cloud Files Mini Filter Driver that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort 2: GID 1, SIDs 62860 through 62861, Snort 3: GID 1, SID 300802.

Talos also has added and modified multiple rules in the browser-chrome, file-pdf and server-webapp rule sets to provide coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see: https://www.snort.org/advisories