TippingPoint Threat Intelligence and Zero-Day Coverage – Week of February 26, 2018

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing) | Date: Fri, 02 Mar 2018 16:22:09 +0000

Pwn2Own 2018 is coming up in a couple of weeks and I am excited to see what interesting vulnerabilities will pop up at the contest. I attempted to explain the contest to my mom, and in the simplest terms, I told her that Pwn2Own is a contest where contestants are rewarded for breaking something. It’s not as basic as me beating up a printer with a baseball bat – which I have done, by the way, paying homage to the 1999 movie Office Space.

It’s about breaking something, in this case, finding vulnerabilities in software, with the ultimate goal of making the software better.

Attackers are always adapting their ways of exploiting vulnerabilities, and the good guys out there are adapting with them to make sure they’re not successful. At last year’s event, we saw the first virtual machine escapes in contest history. For this year’s contest, virtualization targets are on the list and we welcome VMware as a sponsor. Microsoft isn’t only a target in the enterprise application category; they have also joined us as our partner in this year’s contest.

For more information on the upcoming contest, complete rules, and how to enter the contest, visit https://www.zerodayinitiative.com/blog/2018/1/25/pwn2own-returns-for-2018-partners-with-microsoft-and-sponsored-by-vmware.

Registration for contest participation closes at 5pm Pacific Time on March 5, 2018. For the latest updates, follow the Zero Day Initiative on Twitter at @thezdi.

Zero-Day Filters

There are 21 new zero-day filters covering five vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendations, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website. You can also follow the Zero Day Initiative on Twitter @thezdi and on their blog.

Adobe (13)

  • 30436: ZDI-CAN-5455: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 30437: ZDI-CAN-5456: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 30438: ZDI-CAN-5457: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 30440: ZDI-CAN-5463: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 30441: ZDI-CAN-5464: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 30442: ZDI-CAN-5465: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 30443: ZDI-CAN-5466: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 30446: ZDI-CAN-5467: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 30447: ZDI-CAN-5468: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 30448: ZDI-CAN-5469: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 30449: ZDI-CAN-5470: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 30451: ZDI-CAN-5474: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 30452: ZDI-CAN-5475: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)

Foxit (2)

  • 30450: ZDI-CAN-5471: Zero Day Initiative Vulnerability (Foxit Reader)
  • 30470: ZDI-CAN-5488: Zero Day Initiative Vulnerability (Foxit Reader)

OMRON (3)

  • 30432: ZDI-CAN-5453: Zero Day Initiative Vulnerability (OMRON CX-One)
  • 30435: ZDI-CAN-5454: Zero Day Initiative Vulnerability (OMRON CX-One)
  • 30439: ZDI-CAN-5462: Zero Day Initiative Vulnerability (OMRON CX-One)

SAP (1)

  • 30467: ZDI-CAN-5478: Zero Day Initiative Vulnerability (SAP MaxDB)

WECON (2)

  • 30468: ZDI-CAN-5480: Zero Day Initiative Vulnerability (WECON LeviStudio)
  • 30469: ZDI-CAN-5481,5482: Zero Day Initiative Vulnerability (WECON LeviStudio)

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.