TippingPoint Threat Intelligence and Zero-Day Coverage – Week of January 16, 2017
I thought I was going to start a riot earlier this week. The Major League Baseball Hall of Fame was set to announce their 2017 class and my favorite player of all time was on the ballet again. His career statistics are those that many professional baseball players dream of (449 home runs and .540 slugging percentage, to name a few), but the accusation of using performance enhancing drugs (even though he NEVER failed any drug tests in his entire career) plagued his chances of being voted in for the last seven years. But finally, Jeff Bagwell is in the 2017 Hall of Fame.
Jeff Bagwell played for the Houston Astros for 15 years as a first baseman. He would have played longer, but a degenerative shoulder ended his career earlier than expected. What I loved about Bagwell was his work ethic. He, along with Craig Biggio (who is also in the Hall of Fame), were the leaders of the team and approached every game the same way: if you could play through pain or discomfort without risking further injury, everyone was expected to take one for team and do their part. So, what does Jeff Bagwell have to do with security? Nothing really. But in honor of his unrelenting work ethic, I’d like to give a shout out to the TippingPoint Customer Support Team. They do whatever it takes for our customers to make sure they have what they need to protect their networks. They are a great team and I’m honored to call them my colleagues.
Pwn2Own Returns for 2017 to Celebrate 10 Years of Exploits
In nine weeks, Pwn2Own 2017 returns to CanSecWest to celebrate 10 years of exploits. To celebrate 10 years of Pwn2Own, the Zero Day Initiative will be offering more than $1,000,000 across five different categories to see the latest research and again crown a Master of Pwn. It’s more money and more categories than ever before, and we can’t wait to see the research that comes to claim the prizes. Get all the details, including the complete rules of the contest, here. And don’t forget to follow the Zero Day Initiative on Twitter for all the latest updates!
Trend Micro TippingPoint® Named a Leader in 2017 Gartner Magic Quadrant for Intrusion Detection and Prevention Systems (IDPS)
Trend Micro TippingPoint has been named a Leader in the Gartner 2017 Magic Quadrant for Intrusion Detection and Prevention Systems (IDPS). With improvements in both Completeness of Vision and Ability to Execute from previous years, we believe that placement in the Leaders’ quadrant illustrates the positive progress we’ve made since the acquisition of TippingPoint in March 2016 from Hewlett Packard Enterprise. Learn more.
Adobe Updates
This week’s Digital Vaccine (DV) package includes coverage for the Adobe Security Bulletins released earlier this month. The following table maps Digital Vaccine filters to the Adobe Security Bulletins. Filters designated with an asterisk (*) shipped prior to this week’s package, providing zero-day protection for our customers:
| Bulletin # | CVE # | Digital Vaccine Filter # | Status |
| APSB17-01 | CVE-2017-2939 | 26624 | |
| APSB17-01 | CVE-2017-2941 | *26340 | |
| APSB17-01 | CVE-2017-2946 | *25832, *25833 | |
| APSB17-01 | CVE-2017-2947 | 26565 | |
| APSB17-01 | CVE-2017-2948 | 26626 | |
| APSB17-01 | CVE-2017-2949 | *25815, *25816, *25817, *25819, *25820, *25821, *25822, *25823 *25827, *25828, *25830, *25834 *25835, *25836, *25837, *25838 | |
| APSB17-01 | CVE-2017-2950 | *25809 | |
| APSB17-01 | CVE-2017-2951 | *25811 | |
| APSB17-01 | CVE-2017-2955 | 26566 | |
| APSB17-01 | CVE-2017-2956 | 26567 | |
| APSB17-01 | CVE-2017-2957 | 26567 | |
| APSB17-01 | CVE-2017-2958 | 26566 | |
| APSB17-01 | CVE-2017-2959 | *26489 | |
| APSB17-01 | CVE-2017-2960 | 26512 | |
| APSB17-01 | CVE-2017-2961 | 26518 | |
| APSB17-01 | CVE-2017-2962 | 26622 | |
| APSB17-01 | CVE-2017-2963 | 26621 | |
| APSB17-01 | CVE-2017-2964 | 26538 | |
| APSB17-01 | CVE-2017-2965 | 26536 | |
| APSB17-01 | CVE-2017-2966 | 26561 | |
| APSB17-01 | CVE-2017-2967 | 26562 | |
| APSB17-02 | CVE-2017-2926 | 26548 | |
| APSB17-02 | CVE-2017-2927 | 26547 | |
| APSB17-02 | CVE-2017-2928 | 26559 | |
| APSB17-02 | CVE-2017-2930 | 26560 | |
| APSB17-02 | CVE-2017-2931 | 26550 | |
| APSB17-02 | CVE-2017-2932 | 26551 | |
| APSB17-02 | CVE-2017-2933 | 26555 | |
| APSB17-02 | CVE-2017-2934 | 26558 | |
| APSB17-02 | CVE-2017-2935 | 26563 | |
| APSB17-02 | CVE-2017-2936 | 26568 | |
| APSB17-02 | CVE-2017-2937 | 26569 |
Microsoft Patch Tuesday Update
This week’s Digital Vaccine (DV) package includes additional coverage for the Microsoft Security Bulletins released earlier this month. The following table maps Digital Vaccine filters to the Microsoft Security Bulletins.
| Bulletin # | CVE # | Digital Vaccine Filter # | Status |
| MS16-129 | CVE-2017-7202 | 26476 | |
| MS16-144 | CVE-2017-7202 | 26476 | |
| MS17-004 | CVE-2017-0004 | 25914, 26554 |
Zero Day Initiative Team Members Speaking at REcon Brussels 2017
RECon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. The conference will be held for the first time in Brussels, Belgium. It offers a single track of presentations over the span of three days with a focus on reverse engineering and advanced exploitation techniques. The Zero Day Initiative will be represented with two speaking slots during the conference that’s being held on January 27-29, 2017:
| |
For more information on the conference, visit https://recon.cx/2017/brussels/.
Zero-Day Filters
There are 28 new zero-day filters covering five vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website.
Adobe (14)
| |
Hewlett Packard Enterprise (1)
| |
Microsoft (1)
| |
Novell (1)
| |
Trend Micro (11)
| |
Missed Last Week’s News?
Catch up on last week’s news in my weekly recap.