Tuesday, July 13, 2010

Rule Release for Today, Tuesday July 13th, 2010

Microsoft Security Advisory MS10-042:

Microsoft Help and Support Center contains a programming error that may  allow a remote attacker to bypass security restrictions on an affected system. The error occurs when invalid hex-encoded characters are used as a parameter to a search query using the hcp:// URI schema.

Microsoft Security Advisory MS10-043:

The Microsoft Canonical Display Driver (cdd.dll) contains a programming error that may allow a remote attacker to execute code on a vulnerable system.

Microsoft Security Advisory MS10-044:

Microsoft Access contains mulitple vulnerabilities that may allow a remote attacker to execute code on an affected system.

Microsoft Security Advisory MS10-045:

Microsoft Outlook contains a programming error that may allow a remote attacker to execute code on an affected system.

Additionally, this release introduces three new rule groups, botnet-cnc.rules, blacklist.rules and phishing-spam.rules. These rule groups represent a decentralization of existing coverage from spyware-put.rules and specific-threats.rules. The rules themselves are gleaned from honeypot and malware data collected by the Sourcefire VRT.

As always, details are available here: http://www.snort.org/vrt/advisories/2010/07/13/vrt-rules-2010-07-13.html/

Add to Technorati Favorites Digg! This
Post a Comment