
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of February 12, 2018

  • Posted on: February 16, 2018
  • Posted in: Network, Security, Zero Day Initiative
  • Posted by: Elisa Lippincott (Global Threat Communications)

Valentine’s Day was earlier this week, and there was so much love in the air. There was also a lot of love in the Trend Micro world as our teams worked diligently to make sure our customers were protected from this month’s bevy of critical vulnerabilities across several vendors. This week, we focus on Microsoft, who issued a whopping 50 security patches covering Internet Explorer (IE), Microsoft Edge, ChakraCore, Microsoft Windows and Microsoft Office. Eight of the CVEs came through the Zero Day Initiative program!

There are some scary bugs out there! One of the interesting ones that Microsoft patched this month for Microsoft Outlook used the preview pane as an attack vector. That means an exploit of this vulnerability could allow code execution without even opening an email. You can get more information on this month’s Microsoft updates from Dustin Childs’ February 2018 Security Update Review from the Zero Day Initiative.

Microsoft Security Updates

This week’s Digital Vaccine® (DV) package includes coverage for Microsoft updates released on or before February 13, 2018. The following table maps Digital Vaccine filters to the Microsoft updates. Filters marked with * shipped prior to this week’s DV package, providing preemptive protection for our customers.

| CVE # | Digital Vaccine Filter # | Status |
|---|---|---|
| CVE-2018-0742 | 30334 | |
| CVE-2018-0755 | *30237 | |
| CVE-2018-0756 | 30336 | |
| CVE-2018-0757 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0760 | *30241 | |
| CVE-2018-0761 | *30239 | |
| CVE-2018-0763 | *30275 | |
| CVE-2018-0771 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0809 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0810 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0820 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0821 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0822 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0823 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0825 | 30341 | |
| CVE-2018-0826 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0827 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0828 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0829 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0830 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0831 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0832 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0833 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0834 | 30345 | |
| CVE-2018-0835 | 30349 | |
| CVE-2018-0836 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0837 | 30351 | |
| CVE-2018-0838 | 30362 | |
| CVE-2018-0839 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0840 | 30365 | |
| CVE-2018-0841 | 30388 | |
| CVE-2018-0842 | 30367 | |
| CVE-2018-0843 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0844 | 30366 | |
| CVE-2018-0846 | 30368 | |
| CVE-2018-0847 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0850 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0851 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0852 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0853 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0855 | *30242 | |
| CVE-2018-0856 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0857 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0858 | 30331 | |
| CVE-2018-0859 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0860 | 30342 | |
| CVE-2018-0861 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0864 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
| CVE-2018-0866 | 30410 | |
| CVE-2018-0869 | | Vendor Deemed Reproducibility or Exploitation Unlikely |

Offensivecon 2018

If you happen to be reading this and you’re in Berlin, Germany, three members of our Zero Day Initiative team (Brian Gorenc, Abdul-Aziz Hariri and Jasiel Spelman) will be speaking later today at Offensivecon 2018, an international security conference that brings the hacker community together for networking and sharing knowledge. Their session, “L’art de l’évasion: Modern VMWare Exploitation Techniques,” will dive into modern exploitation techniques of VMware vulnerabilities and take an in-depth look at the available attack surfaces on a virtual machine. Learn more by clicking here: https://www.offensivecon.org/speakers/2018/zdi-team.html

Zero-Day Filters

There are 13 new zero-day filters covering five vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendations, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website. You can also follow the Zero Day Initiative on Twitter @thezdi and on their blog.

Adobe (5)

  • 30359: ZDI-CAN-5381: Zero Day Initiative Vulnerability (Adobe Flash Player)
  • 30370: ZDI-CAN-5237: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 30371: ZDI-CAN-5238: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 30372: ZDI-CAN-5241: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 30373: ZDI-CAN-5291: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)

Delta (1)

  • 30391: ZDI-CAN-5389: Zero Day Initiative Vulnerability (Delta Industrial Automation TPEditor)

Foxit (3)

  • 30355: ZDI-CAN-5376,5377: Zero Day Initiative Vulnerability (Foxit Reader)
  • 30358: ZDI-CAN-5379: Zero Day Initiative Vulnerability (Foxit Reader)
  • 30360: ZDI-CAN-5382: Zero Day Initiative Vulnerability (Foxit Reader)

Microsoft (1)

  • 30357: ZDI-CAN-5378: Zero Day Initiative Vulnerability (Microsoft Windows)

OMRON (3)

  • 30392: ZDI-CAN-5402: Zero Day Initiative Vulnerability (OMRON CX-One)
  • 30393: ZDI-CAN-5403: Zero Day Initiative Vulnerability (OMRON CX-One)
  • 30394: ZDI-CAN-5404: Zero Day Initiative Vulnerability (OMRON CX-One)

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.
