[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2014-01-14

Research research at ...435...
Tue Jan 14 15:16:05 EST 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting products from
Microsoft Corporation.

Details:
Microsoft Security Bulletin MS14-002:
A programming error in the Microsoft Windows Kernel-Mode NDProxy Driver
could lead to an escalation of privilege.

Previously released rules will detect attacks targeting this
vulnerability and have been updated with the appropriate reference
information. They are included in this release and are identified with
GID 1, 28867 through 28872.

The Sourcefire VRT has also added and modified multiple rules in the
app-detect, blacklist, exploit-kit, file-office, file-pdf, malware-cnc,
os-windows, protocol-dns, protocol-imap, protocol-scada, pua-p2p and
web-client rule sets to provide coverage for emerging threats from
these technologies.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2014-01-14.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFS1ZsHQLjqI2QiHVMRAio/AJ0f3VyyP2jNuHosyperiDIrVauaFQCgoELp
OGw+M0J0TOE0FGZLJeDskG4=
=UuDH
-----END PGP SIGNATURE-----





More information about the Snort-sigs mailing list