Over 10 years we help companies reach their financial and branding goals. Engitech is a values-driven technology agency dedicated.

Gallery

Contacts

411 University St, Seattle, USA

engitech@oceanthemes.net

+1 -800-456-478-23

Twitter Facebook-f Pinterest-p Instagram

YARA-X 1.10.0 Release: Fix Warnings, (Sun, Nov 23rd)SANS Internet Storm Center, InfoCON: green

Security News
20251123 110201 RIorAJ
_ _ Tech Jacks Solutions_ 0 Comments

YARA-X’s 1.10.0 release brings a new command: fix warnings.

If you have a rule that would generate a warning with a help section (explaining how to fix it), like this example rule:

 

rule FixableCountWarning
{
    strings:
        $a1 = "malicious"
        $a2 = "badstuff"

    condition:
        0 of ($a*)
}

20251123 110201

Then YARA-X from version 1.10.0 on can fix this for you

You will get a warning when you use this rule:

20251123 110226

The suggested fix is to replace 0 with none.

This can be done automatically with command fix warnings:

20251123 110255

Remark that this command alters your original rule file, and doesn’t make a backup of the unaltered file:

20251123 110323

 

 

Didier Stevens
Senior handler
blog.DidierStevens.com

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Read More 

3

Author

Tech Jacks Solutions

Leave a comment

Your email address will not be published. Required fields are marked *