[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2013-11-05

Research research at ...435...
Tue Nov 5 20:12:03 EST 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting products from
Microsoft Corporation.

Details:
Microsoft Security Advisory 2896666:
A coding deficiency in Microsoft Graphics Component could lead to
remote code execution.

Rules to detect attacks targeting this vulnerability are included in
this release and are identified with GID 1, SIDs 28464-28471.

The Sourcefire VRT has added and modified multiple rules in the
blacklist, browser-firefox, browser-ie, browser-plugins, deleted,
exploit-kit, file-flash, file-image, file-multimedia, file-office,
file-other, file-pdf, indicator-obfuscation, indicator-scan,
malware-cnc, malware-tools, netbios, os-windows, policy-other,
server-apache, server-iis and server-webapp rule sets to provide
coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2013-11-05.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFSeZdmQLjqI2QiHVMRAkhFAJ9ZzdGoM+0LldFrV3OL0q0qMvyASQCgpIfG
ww6GgKdK7Ll0rXz5g/aEBg4=
=ZMPG
-----END PGP SIGNATURE-----





More information about the Snort-sigs mailing list