TippingPoint Threat Intelligence and Zero-Day Coverage – Week of June 5, 2017
Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 09 Jun 2017 12:00:05 +0000
This week marked the first time an airline misplaced my bags for a significant period of time. Inclement weather forced me to not only change my flight, but also change airlines. Unfortunately, my luggage didn’t get the memo. I dealt with two airlines to find my bags, and I eventually received my bags over 60 hours later. As Geoffrey Chaucer wrote in The Canterbury Tales, “For better than never is late; never to succeed would be too long a period.”
It’s better late than never if you haven’t had the chance to read one of the latest white papers from the Zero Day Initiative. Their paper, “Transforming Open Source to Open Access in Closed Applications,” sheds light on both old and new vulnerabilities found in Adobe Reader’s XSLT engine, including several that needed to be patched more than once. It focuses on techniques for auditing the source code of Sablotron to find corresponding bugs in Adobe Reader. The paper also presents a new source-to-binary matching technique to help researchers pinpoint the vulnerable conditions within Sablotron that also reside in the assembly of Reader. You will also see real-world application of these techniques demonstrated in the paper through a series of code execution vulnerabilities discovered in Adobe Reader’s codebase.
Zero-Day Filters
There are 16 new zero-day filters covering three vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website.
Adobe (11)
| |
Trend Micro (4)
| |
VIPA (1)
| |
Missed Last Week’s News?
Catch up on last week’s news in my weekly recap.