March 2010 Vulnerability Report
This month, Alain discusses the two patches from Microsoft, 0day vulnerabilities in Apache, Opera, Internet Explorer and finishes with VRT activity in March.
Rule release for today - March 9th, 2010
Microsoft Security Advisory (MS10-016): Microsoft Windows Movie Maker contains a programming error that may allow a remote attacker to execute code on an affected system. Microsoft Security Advisory (MS10-017): Microsoft Excel contains several programming errors that may allow a
APT: Should your panties be in a bunch, and how do you un-bunch them?
There is no more predictable group of people than marketers. Once a term reaches a certain tipping point, they grab onto it for dear life and choke it until it means nothing. Apparently, the Advanced Persistent Threat (APT) hit that point somewhere around December. Despite the te
Rule release for today - March 4th, 2010
We added multiple rules to the specific-threats, spyware-put, web-client, backdoor, and web-misc rule sets as well as making a whole lot of modifications to existing rules. Just a bit of a clean up. Details here: http://www.snort.org/vrt/advisories/2010/03/04/vrt-rules-2010-03-0
The Sudden Reappearance of MS03-039
Last Friday, I got into the office and pulled up my email. Among other things, there was an escalation from Sourcefire's support group, where the customer had alerts on SIDs 15512 and 3397, and they wanted an official opinion from Sourcefire as to whether the alerts they were
Rule release for today - February 26th 2010
Microsoft Internet Explorer contains a programming error that may allow a remote attacker to execute commands on a vulnerable system. The attacker needs to supply VBScript to invoke winhlp32.exe, which can then be used to execute commands via a specially crafted .HLP file. http:
Rule release for today - February 23rd 2010
Maintenance release, we added multiple rules to the rpc, specific-threats, web-client, chat, sql and oracle rule sets. A whole bunch of modifications too. http://www.snort.org/vrt/advisories/2010/02/23/vrt-rules-2010-02-23.html
CyberShockWave
There has been a lot of talk about CNN’s special presentation called “Cyber Shockwave” in the past couple of days. The program was an edited presentation of the 4-hour war games exercise that took place at the Mandarin Oriental Hotel in Washington D.C. Designed by Michael Hayden,
Rule release for today - February 17th 2010
A maintenance release, some new rules in the policy, web-misc, web-client, web-activex, sql and exploit rule sets, multiple rule modifications are available too. Details are here: http://www.snort.org/vrt/advisories/2010/02/17/vrt-rules-2010-02-17.html