Snort Subscriber Rules Update 2025-08-12

[Research via Snort-sigs <snort-sigs () lists snort org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft
Corporation.

Details:
Microsoft Vulnerability CVE-2025-49743:
A coding deficiency exists in Microsoft Windows Graphics Component that
may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with:
Snort 2: GID 1, SIDs 65236 through 65237,
Snort 3: GID 1, SID 301301.

Microsoft Vulnerability CVE-2025-50167:
A coding deficiency exists in Microsoft Windows Hyper-V that may lead
to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with:
Snort 2: GID 1, SIDs 65234 through 65235,
Snort 3: GID 1, SID 301300.

Microsoft Vulnerability CVE-2025-50168:
A coding deficiency exists in Microsoft Win32k that may lead to an
escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with:
Snort 2: GID 1, SIDs 65242 through 65243,
Snort 3: GID 1, SID 301304.

Microsoft Vulnerability CVE-2025-50177:
A coding deficiency exists in Microsoft Message Queuing (MSMQ) that may
lead to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with:
Snort 2: GID 1, SID 65241,
Snort 3: GID 1, SID 65241.

Microsoft Vulnerability CVE-2025-53132:
A coding deficiency exists in Microsoft Win32k that may lead to an
escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with:
Snort 2: GID 1, SIDs 65244 through 65245,
Snort 3: GID 1, SID 301305.

Microsoft Vulnerability CVE-2025-53147:
A coding deficiency exists in Microsoft Windows Ancillary Function
Driver for WinSock that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with:
Snort 2: GID 1, SIDs 65246 through 65247,
Snort 3: GID 1, SID 301306.

Microsoft Vulnerability CVE-2025-53778:
A coding deficiency exists in Microsoft Windows NTLM that may lead to
an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with:
Snort 2: GID 1, SID 65240,
Snort 3: GID 1, SID 65240.

Talos also has added and modified multiple rules in the file-other,
malware-cnc, malware-other, os-windows and server-webapp rule sets to
provide coverage for emerging threats from these technologies.


For a complete list of new and modified rules please see:

https://www.snort.org/advisories
-----BEGIN PGP SIGNATURE-----

iQIcBAEBAgAGBQJom4PjAAoJEHB/DbSAg2dxqYQP/jZLwsqtpIZXc+TDaNNRjJQs
lA5t+eJhEODASof8KUMA9YSXKvEZeS6d6p+nFNEkqjLXwkQ9Yy17buurbWWb68On
o6c8LhFB10xbIsJ9Vk9eB1sX2DRlmX1nGo7q/LbicgI5KU+CT6G07F3Ko3xssA2O
5t8f9EnfDMltbytYhc3qUKFG47MCqnyqeBJUhycJYMF/Rx/Xk4dbYb+/5TH4Lbsa
F7vdQEfEg0IgvXcFdsfR/BcRf1Q6ZSvAdZES1lZ/qAK8DpfW4pMZX0qir5ZccRtN
sVVUqneaIGDd8MZWP1SR+mO6WJjQA05RmBWGVxDzigCfa9UD30kqRdXkofVZP6AF
7aiE7mezm+MWnb7z81j+2sSYauZuhenM7f1tHUiJKpxK1d+v+/0Wp5Az+sB/vPr4
QIwIfgSvrfqcwrW2uXQ0zRtQUnZOcgM6jcuG0Cf9MYSBHbgzJRHJotRxCDcQ0471
tKyqO8gR+kwBnXtzD66eMq002lDQRpKa6gBJ5WjfTdETGJGFXKky2BBxzkmidKPF
gg8/KWiYV7Vuw+96jq58u4zmaoBxDI/OvyCAUPJ8tOcyy0kUxxwRNq3K05Nmovfo
odFeL1w86vASOjrExlhtugfybE7cLJh6WeD2PNsUXJYn881Nvf2yJ9B1C3VMNAci
2AKEghrN6UgRMVyklbMF
=VzMF
-----END PGP SIGNATURE-----

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!