Snort mailing list archives
Snort Subscriber Rules Update 2023-11-14
From: Research <research () sourcefire com>
Date: Tue, 14 Nov 2023 19:20:35 GMT
Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft Corporation.

Details:

Microsoft Vulnerability CVE-2023-36033:
A coding deficiency exists in Microsoft Windows DWM Core Library that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort 2: GID 1, SIDs 62632 through 62633, Snort 3: GID 1, SID 300753.

Microsoft Vulnerability CVE-2023-36036:
A coding deficiency exists in Microsoft Windows Cloud Files Mini Filter Driver that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort 2: GID 1, SIDs 62630 through 62631, Snort 3: GID 1, SID 300752.

Microsoft Vulnerability CVE-2023-36394:
A coding deficiency exists in Microsoft Windows Search Service that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort 2: GID 1, SIDs 62641 through 62642, Snort 3: GID 1, SID 300757.

Microsoft Vulnerability CVE-2023-36399:
A coding deficiency exists in Microsoft Windows Storage that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort 2: GID 1, SIDs 62627 through 62628, Snort 3: GID 1, SID 300751.

Microsoft Vulnerability CVE-2023-36413:
A coding deficiency exists in Microsoft Office that may lead to security feature bypass.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with: Snort 2: GID 1, SIDs 62643 through 62644, Snort 3: GID 1, SID 300758.

Talos also has added and modified multiple rules in the file-office, malware-cnc, os-windows and server-webapp rule sets to provide coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see:
https://www.snort.org/advisories