TippingPoint Threat Intelligence and Zero-Day Coverage – Week of June 19, 2017

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 23 Jun 2017 14:44:46 +0000

Yesterday I celebrated my 29th birthday (again) and it was great to celebrate with friends, family, and coworkers. They say age is just a number, and I truly believe that. Unfortunately, we live in a world where laws require us to count numbers so that it can be determined if we can vote, drink, rent a car, and even retire from the workforce.

In our cyber security world, we love to count. In the world of the Zero Day Initiative (ZDI), the number of vulnerabilities disclosed so far in 2017 is just a number, but it’s a really big number! Last year, the ZDI publicly disclosed a record 690 vulnerabilities covering almost 50 vendors. As of the publishing of this blog, the number currently stands at 441! Is this the year we hit 1,000? Only time will tell. In the meantime, I invite you to take a sneak peek into the inner workings of the ZDI by reading Dustin Child’s blog: The Inside Scoop on the World’s Leading Bug Bounty Program. 

Adobe Security Updates

This week’s Digital Vaccine (DV) package includes coverage for Adobe updates released on or before June 13, 2017. The following table maps Digital Vaccine filters to the Adobe updates. Filters marked with an (*) shipped prior to this DV package, providing zero-day protection for our customers. You can get more detailed information on this month’s security updates from Dustin Childs’ June 2017 Security Update Review from the Zero Day Initiative:

Bulletin #CVE #Digital Vaccine Filter #Status
APSB17-17CVE-2017-3075*28094
APSB17-17CVE-2017-307628656
APSB17-17CVE-2017-307728669
APSB17-17CVE-2017-307828657
APSB17-17CVE-2017-307928658
APSB17-17CVE-2017-308128659
APSB17-17CVE-2017-308228660
APSB17-17CVE-2017-308328661
APSB17-17CVE-2017-308428662

 

Zero-Day Filters

There are 24 new zero-day filters covering four vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website.

Adobe (16)

  • 28654: ZDI-CAN-4733: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28660: HTTP: Adobe Flash determinePreferredLocales Memory Corruption Vulnerability (ZDI-17-408)
  • 28661: HTTP: Adobe Flash Profile Objects Use-After-Free Vulnerability (ZDI-17-406)
  • 28662: HTTP: Adobe Flash AdvertisingMetadata Use-After-Free Vulnerability (ZDI-17-407)
  • 28663: ZDI-CAN-4734: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28664: ZDI-CAN-4746: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28666: ZDI-CAN-4747: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28668: ZDI-CAN-4767: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28730: ZDI-CAN-4827: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28731: ZDI-CAN-4828: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28732: ZDI-CAN-4829: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28733: ZDI-CAN-4830: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28734: ZDI-CAN-4842: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28735: ZDI-CAN-4843: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28736: ZDI-CAN-4844: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 28741: ZDI-CAN-4854: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC) 

Hewlett Packard Enterprise (3)

  • 28633: HTTP: HPE Network Automation FileServlet Information Disclosure Vulnerability (ZDI-17-330)
  • 28634: HTTPS: HPE Network Automation FileServlet Information Disclosure Vulnerability (ZDI-17-330)
  • 28740: ZDI-CAN-4853: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Intelligent Management) 

Microsoft (2)

  • 28729: ZDI-CAN-4826: Zero Day Initiative Vulnerability (Microsoft Chakra)
  • 28737: ZDI-CAN-4845: Zero Day Initiative Vulnerability (Microsoft Office Word) 

Trend Micro (3)

  • 28535: HTTPS: Trend Micro InterScan Web Security testConfiguration Command Injection (ZDI-17-232)
  • 28723: ZDI-CAN-4780: Zero Day Initiative Vulnerability (Trend Micro Mobile Security for Enterprise)
  • 28724: ZDI-CAN-4784-4785,4805: Zero Day Initiative Vulnerability (Trend Micro Mobile Security) 

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.

http://feeds.trendmicro.com/TrendMicroSimplySecurity