TippingPoint Threat Intelligence and Zero-Day Coverage – Week of May 7, 2018

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 11 May 2018 15:37:20 +0000

This week marked National Teacher Appreciation Week here in the United States. I was happy to see that many other countries celebrate educators in all the other months of the year. All of us have at least one teacher, instructor or professor who really made a difference in our lives. There are two for me, and while they may not remember me out of the thousands they taught over the years, I definitely remember them. The first one helped me realize that I could write, and had me focus my frustration through poetry and essays as a 10-year-old moving from a city of almost two million (at the time) to a small town with 3,000 people trying to fit in. The second one validated my love for writing and journalism in college, encouraged me to ask the tough questions (don’t forget the five Ws and the H!) and reminded me to never bury the lead. He never forgave me for “going to the dark side” – that was his definition for marketing – but told me that as long as I’m still writing in some capacity, he was happy.

It’s only fitting that during National Teacher Appreciation Week, the University of Texas at San Antonio announced its plans to open a new cybersecurity center for government agencies and businesses seeking future cybersecurity workers and research. The space may potentially host a startup incubator, a computing center for research, a data visualization lab and other research and training facilities. With a predicted 3.5 million unfilled cybersecurity positions by the year 2021, according to the Cybersecurity Jobs Report 2018-2021, we need all the help we can get to stay ahead of sophisticated cyber threats. You can learn more about the new center here.

TippingPoint Operating System (TOS) v5.0.3

Late last week, we released TOS v5.0.3 build 4867 for the TippingPoint TX-Series devices (8200TX/8400TX). For a complete list of enhancements and changes, customers can refer to the product Release Notes located on the Threat Management Center (TMC) website. Customers with any concerns or questions can contact the Trend Micro TippingPoint Technical Assistance Center (TAC).

Microsoft Security Updates

This week’s Digital Vaccine® (DV) package includes coverage for Microsoft updates released on or before May 8, 2018. It was another busy month for Microsoft with 68 security patches covering Internet Explorer (IE), Edge, ChakraCore, Hyper-V Server, Windows, Visual Studio, Microsoft Office and Office Services and Web Apps, and the Azure IoT SDK. Of these 68 CVEs, 21 are listed as Critical, 45 are rated Important, and two are listed as Low in severity. Eleven of these CVEs came through the ZDI program. The following table maps Digital Vaccine filters to the Microsoft updates. You can get more detailed information on this month’s security updates from Dustin Childs’ May 2018 Security Update Review from the Zero Day Initiative:

| CVE # | Digital Vaccine Filter # | Status |
|---|---|---|
| CVE-2018-0765 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0824 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0854 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0905 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0943 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0945 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0946 | 31487 | |
| CVE-2018-0951 | 31488 | |
| CVE-2018-0953 | 31489 | |
| CVE-2018-0954 | 31490 | |
| CVE-2018-0955 | 31563 | |
| CVE-2018-0958 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0959 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0961 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-1021 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-1022 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-1025 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-1039 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8112 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8114 | 31491 | |
| CVE-2018-8119 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8120 | 31562 | |
| CVE-2018-8122 | 31492 | |
| CVE-2018-8123 | 31552 | |
| CVE-2018-8124 | 31558 | |
| CVE-2018-8126 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8127 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8128 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8129 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8130 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8132 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8133 | 31494 | |
| CVE-2018-8134 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8136 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8137 | 31617 | |
| CVE-2018-8139 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8145 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8147 | 31554 | |
| CVE-2018-8148 | 31555 | |
| CVE-2018-8149 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8150 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8151 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8152 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8153 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8154 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8155 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8156 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8157 | 31556 | |
| CVE-2018-8158 | 31557 | |
| CVE-2018-8159 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8160 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8161 | 31573 | |
| CVE-2018-8162 | 31559 | |
| CVE-2018-8163 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8164 | 31561 | |
| CVE-2018-8165 | 31571 | |
| CVE-2018-8166 | 31572 | |
| CVE-2018-8167 | 31560 | |
| CVE-2018-8168 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8170 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8173 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8174 | 31493 | |
| CVE-2018-8177 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8178 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-8179 | 31498 | |
| CVE-2018-8897 | | Vendor Deemed Reproducibility or Exploitation Unlikely |

 

Zero-Day Filters

There are two new zero-day filters covering one vendor in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website. You can also follow the Zero Day Initiative on Twitter @thezdi and on their blog.

Trend Micro (2)

  • 31495: ZDI-CAN-5550 Zero Day Initiative Vulnerability (Trend Micro Encryption for Email Gateway)
  • 31496: ZDI-CAN-5551 Zero Day Initiative Vulnerability (Trend Micro Encryption for Email Gateway)

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.

http://feeds.trendmicro.com/TrendMicroSimplySecurity