SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP
Title: Remote code execution bugs in Word, SMB disclosed as part of Patch Tuesday
Description: Microsoft released its monthly security update Tuesday, disclosing more than 120 vulnerabilities across its array of products. While none of the vulnerabilities disclosed have been exploited in the wild, users of all Microsoft and Windows products are urged to update their software as soon as possible to avoid possible exploitation. The security updates cover several different products including the VBScript engine, SharePoint file-sharing service and GDI+.
Snort SIDs: 52213 - 52217, 54191 - 54194, 54219, 54220, 54230 - 54240, 54245 - 54250, 54270 and 54271
Title: Cisco patches vulnerabilities in IOS XE, affecting some industrial routers
Description: Cisco disclosed three critical vulnerabilities in its IOS and IOS XE software and industrial router group. Many of the alerts concern a command injection vulnerability that would allow an adversary to execute arbitrary code on the affected operating system. One of the most severe bugs could allow a remote attacker to obtain an authorization token on the affected system and execute their choice of IOx API commands on the device.
Snort SIDs: 53497 - 53504, 54155, 54159 - 54164