Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Sourcefire Snort users protected from MS vulnerabilities

Sourcefire : 11 September, 2008  (New Product)
Patches released by Microsoft covering vulnerabilities on Windows, Office and SQL Server included in Sourcefire Snort products protecting users of these products
Open source innovator and Snort creator, Sourcefire has announced that the Sourcefire Vulnerability Research Team (VRT) has delivered rules to protect Sourcefire customers and Snort users from the four Microsoft vulnerabilities disclosed today. These vulnerabilities impact Microsoft Windows, Office, Internet Explorer, .NET Framework, SQL Server and Visual Studio.

"Critical vulnerabilities, like the ones announced today, can cause huge security issues as they create holes for new exploits to quietly disrupt systems or steal information," said Matt Watchinski, Senior Director of the Sourcefire Vulnerability Research Team. "The proactive protection offered by Sourcefire's IPS, combined with the superior network visibility delivered by Sourcefire RNAâ„¢, provides our customers with a one-two punch for defending networks against zero-day attacks."

Following Microsoft's disclosure earlier today, the Sourcefire VRT created, tested and delivered Snort rules designed to detect attacks targeting the Microsoft vulnerabilities listed below. These new rules are included in the latest Sourcefire Security Enhancement Update (SEU) released today.

- Microsoft Security Bulletin MS08-052 - Critical Microsoft Windows GDI+ vulnerability could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content.

- Microsoft Security Bulletin MS08-053 - Critical Windows Media Encoder 9 Series vulnerability could allow remote code execution if a user viewed a specially crafted Web page. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

- Microsoft Security Bulletin MS08-054 - Critical Windows Media Player vulnerability could allow remote code execution when a specially crafted audio file is streamed from a Windows Media server. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

- Microsoft Security Bulletin MS08-055 - Critical Microsoft Office vulnerability could allow remote code execution if a user clicks a specially crafted OneNote URL. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo