
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of March 13, 2017

  • Posted on: March 17, 2017
  • Posted in: Network, Security, Zero Day Initiative
  • Posted by: Elisa Lippincott (Global Threat Communications)

There was never any doubt what my topic would be for this week’s blog. March Madness, right? Normally I’d be talking about the NCAA Basketball tournament, but not this time. Our March Madness is called Pwn2Own. We celebrated the 10th anniversary of Pwn2Own in Vancouver this week with the biggest contest ever: 11 teams of contestants targeting products across four categories, with 30 different attempts in total!

The event is wrapping up later today but you can catch up (and keep up) with the latest through these blogs:

  • The Results – Pwn2Own 2017 Day One
  • Pwn2Own 2017 – Day Two Schedule and Results
  • Pwn2Own 2017 – Day Three Schedule and Results
  • The View from DVLabs – Pwn2Own 2017

For the very latest, follow the Zero Day Initiative on Twitter at @thezdi.

Microsoft Patch Tuesday Update

This week’s Digital Vaccine (DV) package includes coverage for the Microsoft Security Bulletins released on or before March 14, 2017. This month’s Patch Tuesday is the largest in Microsoft’s history, covering a whopping 135 CVEs (plus the bulletin for Flash, which addresses seven more CVEs) with 17 update bulletins, eight of them rated critical. You can get more detailed information on this month’s Microsoft Security Bulletins from Dustin Childs’ March 2017 Security Update Review. The following table maps Digital Vaccine filters to the Microsoft Security Bulletins. Filters marked with an asterisk (*) shipped prior to this DV package, providing zero-day protection for our customers.

Bulletin # CVE # Digital Vaccine Filter # Status
MS17-006 CVE-2017-0008 27039, 27115
MS17-006 CVE-2017-0009 27042
MS17-006 CVE-2017-0012 Insufficient Information
MS17-006 CVE-2017-0018 *25485
MS17-006 CVE-2017-0033 27058
MS17-006 CVE-2017-0037 26894
MS17-006 CVE-2017-0040 26887
MS17-006 CVE-2017-0049 27052
MS17-006 CVE-2017-0059 27381
MS17-006 CVE-2017-0130 27403
MS17-006 CVE-2017-0149 27486
MS17-006 CVE-2017-0154 27487
MS17-007 CVE-2017-0009 27042
MS17-007 CVE-2017-0010 26897
MS17-007 CVE-2017-0011 27035
MS17-007 CVE-2017-0012 Insufficient Information
MS17-007 CVE-2017-0015 26902
MS17-007 CVE-2017-0017 27041, 27044
MS17-007 CVE-2017-0023 27046
MS17-007 CVE-2017-0032 27051
MS17-007 CVE-2017-0033 27058
MS17-007 CVE-2017-0034 27040
MS17-007 CVE-2017-0035 27059
MS17-007 CVE-2017-0037 26894
MS17-007 CVE-2017-0046 27038
MS17-007 CVE-2017-0065 27375
MS17-007 CVE-2017-0066 27376
MS17-007 CVE-2017-0067 27379
MS17-007 CVE-2017-0068 2023
MS17-007 CVE-2017-0069 27382
MS17-007 CVE-2017-0070 27416
MS17-007 CVE-2017-0071 27412
MS17-007 CVE-2017-0094 27413
MS17-007 CVE-2017-0131 27414
MS17-007 CVE-2017-0132 Insufficient Information
MS17-007 CVE-2017-0133 27415
MS17-007 CVE-2017-0134 Insufficient Information
MS17-007 CVE-2017-0135 Insufficient Information
MS17-007 CVE-2017-0136 Insufficient Information
MS17-007 CVE-2017-0137 Insufficient Information
MS17-007 CVE-2017-0138 Insufficient Information
MS17-007 CVE-2017-0140 27418, 27426
MS17-007 CVE-2017-0141 27419
MS17-007 CVE-2017-0150 Insufficient Information
MS17-007 CVE-2017-0151 Insufficient Information
MS17-007 CVE-2017-0152 Insufficient Information
MS17-008 CVE-2017-0021 Insufficient Information
MS17-008 CVE-2017-0051 Insufficient Information
MS17-008 CVE-2017-0074 Insufficient Information
MS17-008 CVE-2017-0075 Insufficient Information
MS17-008 CVE-2017-0076 Insufficient Information
MS17-008 CVE-2017-0095 Insufficient Information
MS17-008 CVE-2017-0096 Insufficient Information
MS17-008 CVE-2017-0097 Insufficient Information
MS17-008 CVE-2017-0098 Insufficient Information
MS17-008 CVE-2017-0099 Insufficient Information
MS17-008 CVE-2017-0109 Insufficient Information
MS17-009 CVE-2017-0023 27046
MS17-010 CVE-2017-0143 27433
MS17-010 CVE-2017-0144 Insufficient Information
MS17-010 CVE-2017-0145 Insufficient Information
MS17-010 CVE-2017-0146 Insufficient Information
MS17-010 CVE-2017-0147 Insufficient Information
MS17-010 CVE-2017-0148 Insufficient Information
MS17-011 CVE-2017-0072 27380
MS17-011 CVE-2017-0083 27378
MS17-011 CVE-2017-0084 Insufficient Information
MS17-011 CVE-2017-0085 Insufficient Information
MS17-011 CVE-2017-0086 27404
MS17-011 CVE-2017-0087 27405
MS17-011 CVE-2017-0088 27406
MS17-011 CVE-2017-0089 27407
MS17-011 CVE-2017-0090 27408
MS17-011 CVE-2017-0091 Insufficient Information
MS17-011 CVE-2017-0092 Insufficient Information
MS17-011 CVE-2017-0111 Insufficient Information
MS17-011 CVE-2017-0112 Insufficient Information
MS17-011 CVE-2017-0113 Insufficient Information
MS17-011 CVE-2017-0114 Insufficient Information
MS17-011 CVE-2017-0115 Insufficient Information
MS17-011 CVE-2017-0116 Insufficient Information
MS17-011 CVE-2017-0117 Insufficient Information
MS17-011 CVE-2017-0118 Insufficient Information
MS17-011 CVE-2017-0119 Insufficient Information
MS17-011 CVE-2017-0120 Insufficient Information
MS17-011 CVE-2017-0121 27409
MS17-011 CVE-2017-0122 Insufficient Information
MS17-011 CVE-2017-0123 Insufficient Information
MS17-011 CVE-2017-0124 Insufficient Information
MS17-011 CVE-2017-0125 Insufficient Information
MS17-011 CVE-2017-0126 Insufficient Information
MS17-011 CVE-2017-0127 Insufficient Information
MS17-011 CVE-2017-0128 Insufficient Information
MS17-012 CVE-2017-0007 Insufficient Information
MS17-012 CVE-2017-0016 26893
MS17-012 CVE-2017-0039 27048
MS17-012 CVE-2017-0057 Insufficient Information
MS17-012 CVE-2017-0100 27427
MS17-012 CVE-2017-0104 Insufficient Information
MS17-013 CVE-2017-0001 Insufficient Information
MS17-013 CVE-2017-0005 Insufficient Information
MS17-013 CVE-2017-0014 27053
MS17-013 CVE-2017-0025 Insufficient Information
MS17-013 CVE-2017-0038 26904
MS17-013 CVE-2017-0047 27043
MS17-013 CVE-2017-0060 27392
MS17-013 CVE-2017-0061 Insufficient Information
MS17-013 CVE-2017-0062 27393
MS17-013 CVE-2017-0063 Insufficient Information
MS17-013 CVE-2017-0073 27394
MS17-013 CVE-2017-0108 27400
MS17-014 CVE-2017-0006 27420
MS17-014 CVE-2017-0019 27055
MS17-014 CVE-2017-0020 27116
MS17-014 CVE-2017-0027 27117
MS17-014 CVE-2017-0029 Insufficient Information
MS17-014 CVE-2017-0030 27054
MS17-014 CVE-2017-0031 27118
MS17-014 CVE-2017-0052 27430
MS17-014 CVE-2017-0053 27483
MS17-014 CVE-2017-0105 27484
MS17-014 CVE-2017-0107 Insufficient Information
MS17-014 CVE-2017-0129 Insufficient Information
MS17-015 CVE-2017-0110 Insufficient Information
MS17-016 CVE-2017-0055 Insufficient Information
MS17-017 CVE-2017-0050 27049
MS17-017 CVE-2017-0101 Insufficient Information
MS17-017 CVE-2017-0102 Insufficient Information
MS17-017 CVE-2017-0103 27399
MS17-018 CVE-2017-0024 Insufficient Information
MS17-018 CVE-2017-0026 Insufficient Information
MS17-018 CVE-2017-0056 27391
MS17-018 CVE-2017-0078 27395
MS17-018 CVE-2017-0079 27395
MS17-018 CVE-2017-0080 27396
MS17-018 CVE-2017-0081 27397
MS17-018 CVE-2017-0082 27398
MS17-019 CVE-2017-0043 Insufficient Information
MS17-020 CVE-2017-0045 Insufficient Information
MS17-021 CVE-2017-0042 27050
MS17-022 CVE-2017-0022 27047, 27061

Zero-Day Filters

There are 12 new zero-day filters covering three vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendations, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website.

Adobe (3)

  • 27241: ZDI-CAN-4381: Zero Day Initiative Vulnerability (Adobe Reader DC)
  • 27260: ZDI-CAN-4382: Zero Day Initiative Vulnerability (Adobe Reader DC)
  • 27261: ZDI-CAN-4384: Zero Day Initiative Vulnerability (Adobe Reader DC) 

Hewlett Packard Enterprise (3)

  • 27239: ZDI-CAN-4379: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Intelligent Management)
  • 27240: ZDI-CAN-4380: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Intelligent Management)
  • 27262: ZDI-CAN-4386: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Intelligent Management) 

Trend Micro (6)

  • 27297: ZDI-CAN-4390, ZDI-CAN-4391: Zero Day Initiative Vulnerability (Trend Micro SafeSync for Enterprise)
  • 27298: ZDI-CAN-4392: Zero Day Initiative Vulnerability (Trend Micro SafeSync for Enterprise)
  • 27299: ZDI-CAN-4393: Zero Day Initiative Vulnerability (Trend Micro SafeSync for Enterprise)
  • 27370: HTTPS: Trend Micro Control Manager importFile.php Directory Traversal (ZDI-17-060)
  • 27383: HTTP: Trend Micro Control Manager ProductTree_RightWindow Information Disclosure (ZDI-17-077)
  • 27384: HTTPS: Trend Micro Control Manager ProductTree_RightWindow Information Disclosure (ZDI-17-077) 

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.
