
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 9, 2018

  • Posted on: April 13, 2018
  • Posted in: Network, Security, Zero Day Initiative
  • Posted by: Elisa Lippincott (Global Threat Communications)

The interviewing process can be mentally draining. You have to look your best, say the right things, and prove that you’re the best person for the job. When I interview candidates, I love to come up with the one crazy question that isn’t on the usual list of questions that might be asked. I probably won’t be able to use it now since I’m going to disclose it here, but here goes: “If you were a tree, what type of tree would you be and why?” I don’t expect candidates to be experts in forestry or dendrology because there is no right or wrong answer, but I do like to hear what people can come up with off the top of their head.

If you think that question is weird, how about this one? “Is it ever possible that (a == 1 && a == 2 && a == 3) could evaluate to true in JavaScript?” Jasiel Spelman from our Zero Day Initiative came across this question in a post he read; it is being asked during interviews at major tech firms. He takes a stab at answering the question in his latest blog, Inverting Your Assumptions: A Guide to JIT Comparisons. You can read it here: https://www.zerodayinitiative.com/blog/2018/4/12/inverting-your-assumptions-a-guide-to-jit-comparisons.

Microsoft Security Updates

There are seven new zero-day filters covering four vendors in this week’s Digital Vaccine (DV) package. Microsoft released 67 security patches covering Internet Explorer (IE), Edge, ChakraCore, Windows, Visual Studio, Microsoft Office and Office Services and Web Apps, and the Malware Protection Engine. Of these 67 CVEs, 24 are listed as Critical, 42 are rated Important, and one is listed as Moderate in severity. Seven of these CVEs came through the ZDI program. The following table maps Digital Vaccine filters to the Microsoft updates. You can get more detailed information on this month’s security updates from Dustin Childs’ April 2018 Security Update Review from the Zero Day Initiative:

CVE #            Digital Vaccine Filter #   Status
CVE-2018-0870    31038
CVE-2018-0871                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0887                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0890                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0892                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0920    31039
CVE-2018-0950                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0956                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0957                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0960                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0963                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0964                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0966                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0967                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0968                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0969                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0970                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0971                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0972                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0973                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0974                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0975                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0976                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0979                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0980    31040
CVE-2018-0981                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0986    31136
CVE-2018-0987                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0988    31041
CVE-2018-0989                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-0990    31061
CVE-2018-0991    31061
CVE-2018-0993    31043
CVE-2018-0994    31044
CVE-2018-0995    31060
CVE-2018-0996    31069
CVE-2018-0997    31076
CVE-2018-0998    31077
CVE-2018-1000                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-1001    31075
CVE-2018-1002                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-1003    31079
CVE-2018-1004    31080
CVE-2018-1005                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-1007                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-1008                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-1009                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-1010    31081
CVE-2018-1011    31074
CVE-2018-1012    31072
CVE-2018-1013    31070
CVE-2018-1014                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-1015    31067
CVE-2018-1016    31064
CVE-2018-1018    31060
CVE-2018-1019                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-1020                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-1022                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-1023    31062
CVE-2018-1026    31063
CVE-2018-1027    31066
CVE-2018-1028    31073
CVE-2018-1029    31068
CVE-2018-1030    31071
CVE-2018-1032                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-1034                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-1037                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-8116                               Vendor Deemed Reproducibility or Exploitation Unlikely
CVE-2018-8117                               Vendor Deemed Reproducibility or Exploitation Unlikely

Zero-Day Filters

There are nine new zero-day filters covering five vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendations, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website. You can also follow the Zero Day Initiative on Twitter @thezdi and on their blog.

Apple (2)

  • 31139: ZDI-CAN-5525: Zero Day Initiative Vulnerability (Apple Safari)
  • 31141: ZDI-CAN-5526: Zero Day Initiative Vulnerability (Apple Safari)

Foxit (3)

  • 31143: ZDI-CAN-5527: Zero Day Initiative Vulnerability (Foxit Reader)
  • 31145: ZDI-CAN-5528,5331: Zero Day Initiative Vulnerability (Foxit Reader)
  • 31146: ZDI-CAN-5529: Zero Day Initiative Vulnerability (Foxit Reader)

Hewlett Packard (2)

  • 30919: HTTP: HP Application Lifecycle Management ActiveX Insecure Method Exposure Vulnerability (ZDI-12-170)
  • 31036: HTTPS: HP iNode Management Center iNodeMngChecker.exe Buffer Overflow Vulnerability (ZDI-11-232)

Microsoft (1)

  • 31048: HTTP: Microsoft Office Excel XLSX File Memory Corruption Vulnerability (ZDI-10-025)

Trend Micro (1)

  • 31147: ZDI-CAN-5533,5534: Zero Day Initiative Vulnerability (Trend Micro Encryption for Email Gateway)

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.
