Tuesday, August 11, 2015

Snort Subscriber Rule Set Update for 08/11/2015, MSTuesday

Just released:
Snort Subscriber Rule Set Update for 08/11/2015

We welcome the introduction of the newest rule release from Talos. In this release we introduced 58 new rules and made modifications to 4 additional rules.

There were no changes made to the snort.conf in this release.

Talos's rule release:
Microsoft Security Bulletin MS15-079:
Microsoft Internet Explorer suffers from programming errors that may lead to
remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this
release and are identified with GID 1, SIDs 35473 through 35482, 35487 through
35488, 35493 through 35494, and 35507 through 35508.

Microsoft Security Bulletin MS15-080:
A coding deficiency exists in a Microsoft Graphics Component that may lead to
remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in this
release and are identified with GID 1, SIDs 35483 through 35486, 35489 through
35492, 35495 through 35498, 35513 through 35520, 35523 through 35526, and 35529
through 35530.

Microsoft Security Bulletin MS15-081:
A coding deficiency exists in Microsoft Office that may lead to remote code
execution.

Rules to detect attacks targeting these vulnerabilities are included in this
release and are identified with GID 1, SIDs 35501 through 35506, 35509 through
35512, 35521 through 35522, and 35527 through 35528.

Microsoft Security Bulletin MS15-090:
A coding deficiency exists in Microsoft Windows that may lead to escalation of
privilege.

Previously released rules will detect attacks targeting this vulnerability and
have been updated with the appropriate reference information. They are included
in this release and are identified with GID 1, SIDs 35139 through 35140.

Microsoft Security Bulletin MS15-091:
A coding deficiency exists in Microsoft Edge that may lead to remote code
execution.

Rules to detect attacks targeting these vulnerabilities are included in this
release and are identified with GID 1, SIDs 35499 through 35500.

Talos has also added and modified multiple rules in the browser-ie,
file-office, file-other and policy-other rule sets to provide coverage for
emerging threats from these technologies.

In order to subscribe now to Talos's newest rule detection functionality, you can subscribe for as low as $29 US dollars a year for personal users, be sure and see our business pricing as well at https://www.snort.org/products. Make sure and stay up to date to catch the most emerging threats!