Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort Subscriber Rules Update 2022-06-14

From: Research <research () sourcefire com>
Date: Tue, 14 Jun 2022 17:24:50 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft
Corporation.

Details:
Microsoft Vulnerability CVE-2022-30147:
A coding deficiency exists in Microsoft Windows Installer that may lead
to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with:
Snort2: GID 1, SIDs 59967 through 59968,
Snort3: GID 1, SID 300201.

Microsoft Vulnerability CVE-2022-30160:
A coding deficiency exists in Microsoft Windows Advanced Local
Procedure Call that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with:
Snort2: GID 1, SIDs 59971 through 59972,
Snort3: GID 1, SID 300202.

Talos also has added and modified multiple rules in the file-office,
malware-cnc, malware-other, os-windows and server-webapp rule sets to
provide coverage for emerging threats from these technologies.


For a complete list of new and modified rules please see:

https://www.snort.org/advisories
-----BEGIN PGP SIGNATURE-----

iQIcBAEBAgAGBQJiqMRgAAoJEGCbAk8rPt0HCJwP/RMgoV5Im3KF07SSp1lo0Phx
+QdQfT7rDgPDFm7qoR9roI3fR4RrgoA1Ee/KVUEbF9ed2FzWG7/6r0tG4JkCs3V3
QXjq6p9lA5d0fqpEZoglEeFjTJBFIJ6Sais66DH4C9yd55Pzf8zEWcsQUVeDBVAR
AbSaM1Lb3q6376CqIhEDAEOU9IcvA2VvHNcMvOj6zuDuLFu/ZMtW4hi97+nGKkUJ
Uum5fbwZX/ozOFIkQODKK4KLIgtaj3dINj8KP97S2SjMLLYL1qMzJb3S4BMQU1rA
/QPGJTfOVfx/nQWerfoWm2AlvV+GX+G5Ag4b/11Ls9ugli9R0pgGtK8GFofPQlcB
YqGO/2rvr4OBQYbSobvdLhcStPO7orPYez++Qu+YOoxh2WysdL1jeOunkVgBCGSz
YLWc1/XHv+01R8WRiqpJx+TU9yTvdWXzrk5oT13qY6eo9Hb+D2elOPDpemp1FlRl
WxoZQOhCh4mqYxb54VQHFT/ne+QQIxxSBYXb9KRCp/ipwLWB08rLdO6+H9K0TADa
NZ9Eh66Kk374IO22zZiscO/00PRCAaMmBbaXeVbWitUmcHuwupL3zvFKC5dXRMfQ
KiTERbTvUWW+JNkymcbRLIN8oQz/xqPKjJhrpOsH8dg4VzTpFS4HHcjpB3gssgnd
BdAI39Y4MDAQdi1AQqjN
=xIgh
-----END PGP SIGNATURE-----

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!
Previous By Date Next
Previous By Thread Next

Current thread: