Snort Subscriber Rules Update 2025-09-09

[Research via Snort-sigs <snort-sigs () lists snort org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft
Corporation.

Details:
Microsoft Vulnerability CVE-2025-54093:
A coding deficiency exists in Microsoft Windows TCP/IP Driver that may
lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with:
Snort 2: GID 1, SIDs 65333 through 65334,
Snort 3: GID 1, SID 301313.

Microsoft Vulnerability CVE-2025-54098:
A coding deficiency exists in Microsoft Windows Hyper-V that may lead
to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with:
Snort 2: GID 1, SIDs 65327 through 65328,
Snort 3: GID 1, SID 301310.

Microsoft Vulnerability CVE-2025-54110:
A coding deficiency exists in Microsoft Windows Kernel that may lead to
an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with:
Snort 2: GID 1, SIDs 65329 through 65330,
Snort 3: GID 1, SID 301311.

Microsoft Vulnerability CVE-2025-54916:
A coding deficiency exists in Microsoft Windows NTFS that may lead to
remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with:
Snort 2: GID 1, SIDs 65331 through 65332,
Snort 3: GID 1, SID 301312.

Talos has added and modified multiple rules in the  and server-webapp
rule sets to provide coverage for emerging threats from these
technologies.


For a complete list of new and modified rules please see:

https://www.snort.org/advisories
-----BEGIN PGP SIGNATURE-----

iQIcBAEBAgAGBQJowG3+AAoJEHB/DbSAg2dx3vAQAJ6FrjklsYrt6+F+dJJ175yx
ZZBdfF94PVSiygfg/WSfCO8y6rN1JU0M43dajPgTUOvYDzwX6wbcRAQwTPMl9OaA
L40gVdVsrFS1Rtv6En7d0osP3jYeXO5vhzyKT9gm5eyzZHLlTjzhXZVazIINBJhV
2+bF96JCDjuSy+mATMY1jDtTtUk/G85yY1B4O1O+UxgfM5HrdFBwB4NtAdEKxvWx
F0/2ruOyWOwtvPc4NwNQ2GCGvwAPxE1Uih1wbkEXwDUorZ+qrCRWatLZHbs4RGWJ
5HKf/AUo5FmhSrtoWvb+4h6ygAm7ZctoWn/zA4t50O8OPNOt32WtvBEdf8X8aQWP
2EuG2xAWUACCWUQNsV7G6kMd8tfJf1WEptGXnNVRCSq79vXrrmyIH4BThQvs7Xqg
mxoZAHlig7UU3T7rLqjeyZ+O5wImkxFWr528Uoy+DcSRmQx1mRnByod6O37KwVNG
KzoK4f3+Ba6K8TqVh+gvgYX2XkfR2djb+I01m+9sMweY69vnhXC2OhHj1TmiDglr
Qn8TzO69RXr2eMEJ2XLekWG4GSz/rgWDTM/Urxjw56SZwi05fjYqyenh77tiRByB
LYI1RbzuiuOZGmOUtIoRhZbyezIkynX1S9CIRJa+E/jYPtL5XQyUcReb25dwZ/Fj
FQUL539EKLFTumUAK0PD
=v9Wm
-----END PGP SIGNATURE-----

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!