One of my favorite animated movies is The Incredibles. If you haven’t seen the movie, it’s about a family of superheroes forced to hide their powers and live a quiet suburban life after facing several lawsuits over peripheral damage caused by their crime-fighting activities. The dad, Mr. Incredible, continues to fight crime undercover. His wife, Elastigirl, becomes suspicious and figures out that his old uniform was recently altered by Edna Mode, the fashion designer for the superheroes. Elastigirl visits Edna to get more information and when she arrives, she finds out that Edna has designed new costumes for the entire family. Since all of the superheroes have been grounded, you can imagine the security that is needed to avoid exposing their non-sanctioned crime-fighting and top secret designs. As Edna gets ready to show Elastigirl the new designs, she has to go through a series of biometric access controls to get to her secret design studio.
At one point or another, you’ve probably used a form of physical access control. Maybe it’s an access card to access your work office building or temporary access to another secure, public area. So imagine if someone was able to bypass access control mechanisms to access Edna’s top secret designs, or a room at your company where HR personnel records are housed or a police station room where criminal evidence is kept? The threat is real and the consequences could be disastrous.
Ricky “HeadlessZeke” Lawshae from our Trend Micro TippingPoint DVLabs team discovered a potentially devastating bug affecting HID door controllers. HID is a global leader in physical access control and provides an extensive portfolio or readers, cards, controllers and software to create, manage and use secure identities. Luckily, Ricky is one of the good guys so he provided the vulnerability information to our Zero Day Initiative team, and they worked with HID to ensure that it got fixed. HID has a patch available now through their partner portal.
You can read more on Ricky’s blog:
We’ve also garnered some press around the HID vulnerability. Here is some of the press coverage:
Missed Last Week’s News?
Catch up on last week’s news in my weekly recap posted on the Trend Micro Simply Security blog!
There are four new zero-day filters covering one vendor in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative web site.
|• 24075: HTTP: Adobe Reader U3D Texture rgba RLE Decompression Vulnerability (ZDI-11-067)
• 24076: HTTP: Adobe Reader U3D Texture bmp RLE Decompression Vulnerability (ZDI-11-068)
• 24077: HTTP: Adobe Reader U3D Texture psd RLE Decompression Vulnerability (ZDI-11-069)
• 24089: ZDI-CAN-3520: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)
Updated Existing Zero-Day Filters
This section will highlight specific filters in this week’s Digital Vaccine package that have been updated as a result of a vendor issuing a patch for a vulnerability found via the Zero Day Initiative. The Digital Vaccine filter for the HID vulnerability I mentioned above has been updated to reflect the fact that HID now has a patch available. TippingPoint customers can deploy the following filter to protect themselves against it: