[Snort-sigs] Snort Subscriber Rules Update 2015-10-13

Research research at ...435...
Tue Oct 13 15:40:56 EDT 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft
Corporation.

Details:
Microsoft Security Bulletin MS15-106:
Microsoft Internet Explorer suffers from programming errors that may
lead to remote code execution.

Previously released rules will detect attacks targeting these
vulnerabilities and have been updated with the appropriate reference
information. They are included in this release and are identified with
GID 1, SIDs 34393 through 34394.

New rules to detect attacks targeting these vulnerabilities are also
included in this release and are identified with GID 1, SIDs 36407
through 36414, 36417 through 36422, 36431 through 36432, 36437 through
36444, 36447 through 36448, 36450 through 36451, and 36458 through
36459.

Microsoft Security Bulletin MS15-107:
A coding deficiency exists in Microsoft Edge that may lead to
information disclosure.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 36452.

Microsoft Security Bulletin MS15-108:
A coding deficiency exists in Microsoft JScript and VBScript that may
lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 36419 through 36422.

Microsoft Security Bulletin MS15-109:
A coding deficiency exists in Microsoft Windows Shell that may lead to
remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 36401 through 36402
and 36423 through 36424.

Microsoft Security Bulletin MS15-110:
A coding deficiency exists in Microsoft Office that may lead to remote
code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 36425 through 36430.

Microsoft Security Bulletin MS15-111:
A coding deficiency exists in the Microsoft Windows Kernel that may
lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 36403 through 36406,
36415 through 36416, and 36445 through 36446.


Talos has also added and modified multiple rules in the browser-ie,
browser-plugins, exploit-kit, file-flash, file-multimedia, file-office,
file-other, os-windows, policy-other and server-webapp rule sets to
provide coverage for emerging threats from these technologies.


For a complete list of new and modified rules please see:

https://www.snort.org/advisories
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFWHV5Is9U0LCYEKaARAo1sAKDFd4NIA9vjic4iqIstlQc0d+HKmgCfTJF7
fz/Ldihkf2Y4a3/JrSdQo2s=
=dj0m
-----END PGP SIGNATURE-----




