Microsoft vulnerability protection for Snort users.
Sourcefire (published 19/06/2007)
SourceFire stays ahead of the latest threat vulnerabilities in Microsoft with the release of protection against the three newest vulnerabilities announced by Microsoft.
Open source innovator and Snort creator, Sourcefire has announced that the Sourcefire Vulnerability Research Team (VRT) has delivered rules to protect Sourcefire customers and Snort users from three latest Microsoft vulnerabilities announced recently. These vulnerabilities impact Microsoft Vista, Microsoft Internet Explorer, Microsoft Outlook Express, Microsoft Visio, Windows Mail, the Win32 API and a Microsoft SSL/TLS subsystem.
“Timely coverage for critical vulnerabilities is essential for today’s leading organisations, and Sourcefire works aggressively to ensure that our customers are protected immediately after a risk is uncovered,” said Matt Watchinski, Director of the Sourcefire Vulnerability Research Team. “As hackers become more creative, organisations require a security partner that is not only faster but smarter than the people who are looking to exploit these vulnerabilities. Today’s announcement further illustrates the Sourcefire VRT’s proven track record of quickly delivering protection from critical risks.”
Within 8 hours of Microsoft’s latest disclosure, the Sourcefire VRT created, tested and delivered Snort rules to protect users from the Microsoft vulnerabilities listed below. These new rules are designed to detect attacks targeting these vulnerabilities and are included in the latest Sourcefire Security Enhancement Update (SEU) released last week.
− Microsoft Security Bulletin MS07-030 – Microsoft Visio contains a vulnerability that could allow remote code execution if a user opened a specially crafted Visio file.
− Microsoft Security Bulletin MS07-033 – Critical vulnerabilities in Microsoft Internet Explorer allow for remote code execution and spoofing.
− Microsoft Security Bulletin MS07-034 – Critical vulnerabilities discovered within the Windows Mail utility within Microsoft Vista could allow remote code execution if a user viewed a specially crafted e-mail using Windows Mail.
