[Snort-sigs] Snort Subscriber Rules Update 2015-07-14

Research research at ...435...
Tue Jul 14 14:56:52 EDT 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft
Corporation.

Details:
Microsoft Security Bulletin MS15-058:
Microsoft SQL Server suffers from programming errors that may lead to
remote code execution.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 35198.

Microsoft Security Bulletin MS15-065:
Microsoft Internet Explorer suffers from programming errors that may
lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 35116 through 35117,
35119 through 35128, 35133 through 35134, 35139 through 35140, 35145
through 35146, 35152 through 35159, 35164 through 35165, 35170 through
35173, 35178 through 35185, 35192 through 35197, 35199 through 35200,
and 35203 through 35214.

Microsoft Security Bulletin MS15-067:
A coding deficiency exists in Microsoft RDP that may lead to remote
code execution.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 35151.

Microsoft Security Bulletin MS15-069:
Microsoft Windows suffers from programming errors that may lead to
remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 35166 through 35169
and 35215 through 35216.

Microsoft Security Bulletin MS15-070:
Coding deficiencies exist in Microsoft Office that may lead to remote
code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 35129 through 35130,
35137 through 35138, 35141 through 35144, 35176 through 35177, 35190
through 35191, and 35201 through 35202.

Microsoft Security Bulletin MS15-072:
A coding deficiency exists in Microsoft Graphics Components that may
lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 35160 through 35163.

Microsoft Security Bulletin MS15-073:
Coding deficiencies exist in Microsoft Kernel-Mode drivers that may
lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 35131 through 35132,
35135 through 35136, and 35149 through 35150.

Microsoft Security Bulletin MS15-075:
A coding deficiency exists in Microsoft OLE that may lead to an
escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 35186 through 35189.

Microsoft Security Bulletin MS15-076:
A coding deficiency exists in Microsoft Remote Procedure Call that may
lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 35174 through 35175.

Talos has also added and modified multiple rules in the browser-ie,
browser-webkit, file-flash, file-office, os-windows, policy-other and
server-other rule sets to provide coverage for emerging threats from
these technologies.


For a complete list of new and modified rules please see:

https://www.snort.org/advisories
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFVpVt0s9U0LCYEKaARArNEAKComEDgQBvdULYczzyy582Jtkkx3wCgilTH
N4M2tAp2YhLn+vIWAIrFljw=
=kAGG
-----END PGP SIGNATURE-----





More information about the Snort-sigs mailing list