[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2014-01-14
research at ...435...
Tue Jan 14 15:16:05 EST 2014
-----BEGIN PGP SIGNED MESSAGE-----
Sourcefire VRT Certified Snort Rules Update
The Sourcefire VRT is aware of vulnerabilities affecting products from
Microsoft Security Bulletin MS14-002:
A programming error in the Microsoft Windows Kernel-Mode NDProxy Driver
could lead to an escalation of privilege.
Previously released rules will detect attacks targeting this
vulnerability and have been updated with the appropriate reference
information. They are included in this release and are identified with
GID 1, 28867 through 28872.
The Sourcefire VRT has also added and modified multiple rules in the
app-detect, blacklist, exploit-kit, file-office, file-pdf, malware-cnc,
os-windows, protocol-dns, protocol-imap, protocol-scada, pua-p2p and
web-client rule sets to provide coverage for emerging threats from
For a complete list of new and modified rules please see:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Snort-sigs