Tuesday, June 10, 2014

Sourcefire VRT Certified Snort Rules Update for 06/10/2014, MSTUES

Just released:
Sourcefire VRT Certified Snort Rules Update for 06/10/2014


We welcome the introduction of the newest rule release from the VRT. In this release we introduced 39 new rules and made modifications to 4 additional rules.

There were no changes made to the snort.conf in this release.

In VRT's rule release:
Synopsis: The Sourcefire VRT is aware of vulnerabilities affecting products from
Microsoft Corporation.

Details:
Microsoft Security Bulletin MS14-032:
A coding deficiency in Microsoft Lync Server could lead to remote code
execution.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 31217.

Microsoft Security Bulletin MS14-035:
Microsoft Internet Explorer contains programming errors that may lead
to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 31188 through 31191,
31194, 31196 through 31209, 31215 through 31216, and 31219 through
31220.


The Sourcefire VRT has also added and modified multiple rules in the
blacklist, browser-ie, indicator-compromise, malware-cnc,
malware-other, os-windows and server-webapp rule sets to provide
coverage for emerging threats from these technologies.


In order to subscribe now to the VRT's newest rule detection functionality, you can subscribe for as low as $29 US dollars a year for personal users, be sure and see our business pricing as well at http://www.snort.org/store. Make sure and stay up to date to catch the most emerging threats!