[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2011-11-07
research at ...435...
Mon Nov 7 15:21:55 EST 2011
-----BEGIN PGP SIGNED MESSAGE-----
Sourcefire VRT Certified Snort Rules Update
The Sourcefire VRT is aware of a vulnerability affecting hosts using
the Microsoft Windows operating system.
Microsoft Security Advisory (2639658):
The Microsoft Windows TrueType font parsing engine contains a
vulnerability that may allow a remote attacker to execute code on an
affected system. A succesful exploitation of this vulnerability may
allow the attacker to execute code in kernel mode. This vulnerability
is also related to the Duqu malware.
A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 3, SID 20539.
For a complete list of new and modified rules please see:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Snort-sigs