SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP
Title: Microsoft Patch Tuesday for Jan. 2021 — Snort rules and prominent vulnerabilities
Description: Microsoft released its monthly security update Tuesday, disclosing 102 vulnerabilities across its large collection of hardware and software. This is the largest number of vulnerabilities Microsoft has disclosed in a monthly security update in eight months. However, none of the issues have been exploited in the wild, according to Microsoft. 2022’s first security update features nine critical vulnerabilities, with all but one of the remaining issues considered “important.” CVE-2022-21840 is one of the critical vulnerabilities, an issue in Microsoft Office that could allow an attacker to execute code remotely on the targeted machine. CVE-2022-21841, CVE-2022-21837 and CVE-2022-21842 are also remote code execution vulnerabilities in the Office suite of products, though they are only rated as “important.” These four vulnerabilities are particularly notable, though, because they can be triggered by the target opening a specially crafted document, a favorite tactic of attackers.
Snort SIDs: 40689, 40690, 58859, 58860, 58866 - 58869 and 58870 - 58875
Title: Two vulnerabilities in Adobe Acrobat DC could lead to arbitrary code execution
Snort SIDs: 58367, 58368, 58553 and 58554