Snort mailing list archives
Snort Subscriber Rules Update 2022-10-11
From: Research <research () sourcefire com>
Date: Tue, 11 Oct 2022 17:45:53 GMT
Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft Corporation.

Details:

Microsoft Vulnerability CVE-2022-37970:
A coding deficiency exists in Microsoft DWM Core Library that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort 2: GID 1, SIDs 60698 through 60699, Snort 3: GID 1, SID 300292.

Microsoft Vulnerability CVE-2022-37974:
A coding deficiency exists in Microsoft Windows Mixed Reality Developer Tools that may lead to information disclosure.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort 2: GID 1, SIDs 60700 through 60701, Snort 3: GID 1, SID 300293.

Microsoft Vulnerability CVE-2022-37987:
A coding deficiency exists in Microsoft Windows Active Directory Certificate Services that may lead to security feature bypass.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort 2: GID 1, SIDs 60706 through 60707, Snort 3: GID 1, SID 300297.

Microsoft Vulnerability CVE-2022-37989:
A coding deficiency exists in Microsoft Windows Client Server Run-time Subsystem (CSRSS) that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort 2: GID 1, SIDs 60704 through 60705, Snort 3: GID 1, SID 300296.

Microsoft Vulnerability CVE-2022-38050:
A coding deficiency exists in Microsoft Win32k that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort 2: GID 1, SIDs 60693 through 60696, Snort 3: GID 1, SIDs 300290 through 300291.

Microsoft Vulnerability CVE-2022-38051:
A coding deficiency exists in Microsoft Graphics Component that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort 2: GID 1, SIDs 60708 through 60709, Snort 3: GID 1, SID 300298.

Talos also has added and modified multiple rules in the browser-ie, file-identify and server-webapp rule sets to provide coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see:

https://www.snort.org/advisories