TippingPoint Threat Intelligence and Zero-Day Coverage – Week of February 13, 2017

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 17 Feb 2017 21:50:12 +0000

Love was in the air earlier this week. This past Tuesday was Valentine’s Day and what should have been Microsoft’s “Patch Tuesday,” but it was reported last month that Patch Tuesday would never be the same as Microsoft moves to a process that includes an online searchable database and automatic updates. I was wondering what this month would look like given the new process. It looks like I’m going to have to wait a little longer.

On February 14, Microsoft announced that due to a last-minute issue, they are delaying this month’s updates until March 14. What makes matters worse is that there is a Windows Server SMB zero-day flaw being exploited in the wild that can result in denial-of-service attacks. US-CERT has also issued a vulnerability note on the issue. The good news is that TippingPoint customers are already protected from this flaw with the following Digital Vaccine filter that was released to customers on February 7, 2017:

  • 26893: SMB: Microsoft Windows mrxsmb20.dll Denial-of-Service Vulnerability

Zero-Day Filters

There are five new zero-day filters covering four vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendations, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website.

Adobe (2)

  • 26884: HTTP: Adobe Reader DC JPEG2000 Parsing Information Disclosure Vulnerability (ZDI-17-004) 

Fatek (1)

  • 26896: HTTP: Fatek Automation PLC WinProladder Buffer Overflow Vulnerability (ZDI-16-672) 

Foxit (1)

  • 26832: HTTP: Foxit Reader alert Use-After-Free Vulnerability (ZDI-17-034) 

IBHsoftec (1)

  • 25843: HTTP: IBHsoftec S7-SoftPLC CPX43 Large Data Packet (ZDI-16-604)

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.
