TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 25, 2016

  • Posted on: April 29, 2016
  • Posted in: Network, Security
  • Posted by: Elisa Lippincott (Global Threat Communications)

My heart has been aching since I heard the news about Prince’s untimely death last week. Prince Rogers Nelson was an innovator who paved the way and influenced many artists across different music genres. At the same time, he defied the music industry, fighting to protect the rights, music and likeness of artists. He was the ultimate musician, able to play over 27 instruments and, in my opinion, one of the most underrated guitarists ever to play the instrument. Prince was also a non-conformist, not following trends but setting his own, making an awkward teenage girl like me accept, and feel comfortable in, my own weirdness. In the end, the world lost a tremendous talent and philanthropist who was very generous with many charities, including #YesWeCode, an organization that helps young women and men from low-opportunity backgrounds find success in the tech sector. As for me, I lost a significant representative of my youth. He was my Kiss, my Little Red Corvette, my Manic Monday, my Jungle Love, my Starfish and Coffee, Maple Syrup and Jam.

For those of us who work in the IT security industry, we’re all tasked with helping our customers protect against cyberattacks, but it shouldn’t stop there. We need to push the envelope and drive innovation beyond the confines of our disparate solutions if we hope to have any chance against the bad guys. If Prince had just made his music, but didn’t fight for the protection of artistic freedom and ownership rights, many artists may not have many of the ownership protections they have today. Since its inception in 2005, our Zero Day Initiative has been “pushing the envelope” with the responsible disclosure of vulnerabilities. We’re able to provide a Digital Vaccine filter for a vulnerability that hasn’t been patched yet to our TippingPoint customers, but we take it a step further and work with the affected vendors to ensure they have what they need to patch the vulnerability and secure their code. We held our annual Pwn2Own event in March, where we saw 21 vulnerabilities across Adobe, Apple, Google and Microsoft products. Yes, we awarded researchers hundreds of thousands of dollars in prizes, a cool jacket and a big trophy, but in the end, we are inspiring vendors like Adobe “to come up with the next generation of defenses.” Adobe’s “Reflections on Pwn2Own” blog is a testament to our innovation in responsible vulnerability discovery. As Adobe states, “Pwn2Own is truly valuable because it shows how different researchers will try to bypass the existing mitigations to create the fully weaponized exploit.”

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap posted on the Trend Micro Simply Security blog!

Zero-Day Filters

There are 22 new zero-day filters covering seven vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendations, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative web site.

Adobe (4)

  • 24368: ZDI-CAN-3569: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 24369: ZDI-CAN-3571: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 24387: ZDI-CAN-3602: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)
  • 24388: ZDI-CAN-3633: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)

Cisco (1)

  • 24385: ZDI-CAN-3599: Zero Day Initiative Vulnerability (Cisco UCS Manager)

Foxit (1)

  • 24362: HTTP: Foxit Reader FlateDecode Use-After-Free Vulnerability (ZDI-16-221)

Google (2)

  • 24386: ZDI-CAN-3594: Zero Day Initiative Vulnerability (Google Chrome)
  • 24468: ZDI-CAN-3655: Zero Day Initiative Vulnerability (Google Chrome)

Microsoft (1)

  • 24366: ZDI-CAN-3568: Zero Day Initiative Vulnerability (Microsoft Windows Media Center)

Schneider Electric (12)

  • 24381: ZDI-CAN-3580: Zero Day Initiative Vulnerability (Schneider Electric U.motion Builder)
  • 24382: ZDI-CAN-3582: Zero Day Initiative Vulnerability (Schneider Electric U.motion Builder)
  • 24383: ZDI-CAN-3583: Zero Day Initiative Vulnerability (Schneider Electric U.motion Builder)
  • 24384: ZDI-CAN-3584: Zero Day Initiative Vulnerability (Schneider Electric U.motion Builder)
  • 24398: ZDI-CAN-3643: Zero Day Initiative Vulnerability (Schneider Electric U.motion Builder)
  • 24399: ZDI-CAN-3645: Zero Day Initiative Vulnerability (Schneider Electric U.motion Builder)
  • 24400: ZDI-CAN-3644: Zero Day Initiative Vulnerability (Schneider Electric U.motion Builder)
  • 24401: ZDI-CAN-3646: Zero Day Initiative Vulnerability (Schneider Electric U.motion Builder)
  • 24402: ZDI-CAN-3647: Zero Day Initiative Vulnerability (Schneider Electric U.motion Builder)
  • 24403: ZDI-CAN-3649: Zero Day Initiative Vulnerability (Schneider Electric U.motion Builder)
  • 24404: ZDI-CAN-3652: Zero Day Initiative Vulnerability (Schneider Electric U.motion Builder)
  • 24405: ZDI-CAN-3653: Zero Day Initiative Vulnerability (Schneider Electric U.motion Builder)

Trend Micro (1)

  • 24363: ZDI-CAN-3566: Zero Day Initiative Vulnerability (Trend Micro InterScan Web Security)

Updated Existing Zero-Day Filters

This section highlights specific filter(s) of interest in this week’s Digital Vaccine package that have been updated as a result of either a vendor issuing a patch for a vulnerability found via the Zero Day Initiative or a vulnerability being published by the Zero Day Initiative in accordance with its Disclosure Policy.

On April 14, 2016, we issued an urgent call to action to uninstall Apple QuickTime for Windows because Apple is deprecating QuickTime for Windows and will no longer be issuing security updates for the product. The filters below have been updated to reflect the published status of the QuickTime vulnerabilities:

  • 21918: HTTP: Apple QuickTime moov Atom Memory Corruption Vulnerability (ZDI-16-241)
  • 21919: HTTP: Apple QuickTime Atom Buffer Overflow Vulnerability (ZDI-16-242)
