Bulletin CVE Title Notes ET Pro Coverage MS12-029 2012-0183 RTF Mismatch Vulnerability Exploit Code Likely  2804909 MS12-030 2012-0141 xcel File Format Memory Corruption Vulnerability Difficult to Exploit  Not Reliably Sigable MS12-030 2012-0142 Excel File Format Memory Corruption in OBJECTLINK Record Vulnerability Difficult to Exploit  2804906 MS12-030 2012-0143 Excel Memory Corruption Using Various Modified Bytes Vulnerability [...]

3 new Open rules, 15 new Pro Subscriber rules. MS Patch Tuesday and Adobe issues covered. More details on coverage here:   http://www.emergingthreatspro.com/daily-ruleset-update-summary/april-2012-microsoftadobe-patch-tuesday-coverage/     [+++]          Added rules:          [+++]   2014536 – ET CURRENT_EVENTS Blackhole Java Exploit request to /Klot.jar (current_events.rules) 2014537 – ET CURRENT_EVENTS Initial Blackhole [...]

Bulletin CVE Title Notes ET Pro Coverage MS12-023 2012-0169 JScript9 Remote Code Execution Difficult to Exploit Reliably Not Reliably Sigable. Will add exploit specific coverage as possible. MS12-023 2012-0170 OnReadyStateChange Remote Code Execution Easy to Exploit  Not Reliably Sigable. Will add exploit specific coverage as possible. MS12-023 2012-0171 selectAll Remote Code Exeuction Easy to Exploit [...]

  A lot of tweaks again today, moved several rules from the Pro set to the Open side that had similar rules contributed, and we’ve added two very important and much different rules for RDP.   These two new rules for the Microsoft Remote Desktop Protocol (RDP) vuln in cve-2012-0002 were the result of some [...]

A lot of new and a lot of updates today. 14 new Open rules, 9 new Pro Subscriber rules.   We’ve also move two signatures from the ET Pro subscriber ruleset into the open ruleset for the MS Remote Desktop vulnerability. Our reasoning for this is:   1. There is not enough information in the [...]