Thursday, October 22, 2009

Rule release for today - October 22nd, 2009

A few modifications in this release, most notably a fix for a false positive issue that raised it's ugly head from the Microsoft Tuesday release.

Microsoft Security Advisory (MS09-059):
A vulnerability in the Microsoft Local Security Authority Subsystem Service (LSASS) may allow a remote attacker to cause a Denial of Service (Dos) against an affected system.

A previously released rule to detect attacks targeting this vulnerability has been modified to reduce the incidence of false positive events. It is included in this release and is identified with GID 3, SID 16167.

As always, changelogs: http://www.snort.org/vrt/advisories/2009/10/22/vrt-rules-2009-10-22.html

No comments:

Post a Comment