Snort mailing list archives
Snort Subscriber Rules Update 2022-09-13
From: Research <research () sourcefire com>
Date: Tue, 13 Sep 2022 17:31:09 GMT
Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft Corporation.

Details:

Microsoft Vulnerability CVE-2022-34725:
A coding deficiency exists in Microsoft Windows ALPC that may lead to an escalation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort2: GID 1, SIDs 60553 through 60554, Snort3: GID 1, SID 300268.

Microsoft Vulnerability CVE-2022-34729:
A coding deficiency exists in Microsoft Windows GDI that may lead to an escalation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort2: GID 1, SIDs 60549 through 60550, Snort3: GID 1, SID 300266.

Microsoft Vulnerability CVE-2022-35803:
A coding deficiency exists in Microsoft Windows Common Log File System driver that may lead to an escalation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort2: GID 1, SIDs 60555 through 60558, Snort3: GID 1, SIDs 300269 through 300270.

Microsoft Vulnerability CVE-2022-37954:
A coding deficiency exists in DirectX Graphics Kernel that may lead to an escalation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort2: GID 1, SIDs 60551 through 60552, Snort3: GID 1, SID 300267.

Microsoft Vulnerability CVE-2022-37957:
A coding deficiency exists in Microsoft Windows Kernel that may lead to an escalation of privilege.
Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort2: GID 1, SIDs 60546 through 60547, Snort3: GID 1, SID 300265.

Talos also has added and modified multiple rules in the and server-webapp rule sets to provide coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see:
https://www.snort.org/advisories