[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2013-11-05
research at ...435...
Tue Nov 5 20:12:03 EST 2013
-----BEGIN PGP SIGNED MESSAGE-----
Sourcefire VRT Certified Snort Rules Update
The Sourcefire VRT is aware of vulnerabilities affecting products from
Microsoft Security Advisory 2896666:
A coding deficiency in Microsoft Graphics Component could lead to
remote code execution.
Rules to detect attacks targeting this vulnerability are included in
this release and are identified with GID 1, SIDs 28464-28471.
The Sourcefire VRT has added and modified multiple rules in the
blacklist, browser-firefox, browser-ie, browser-plugins, deleted,
exploit-kit, file-flash, file-image, file-multimedia, file-office,
file-other, file-pdf, indicator-obfuscation, indicator-scan,
malware-cnc, malware-tools, netbios, os-windows, policy-other,
server-apache, server-iis and server-webapp rule sets to provide
coverage for emerging threats from these technologies.
For a complete list of new and modified rules please see:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Snort-sigs