TippingPoint Threat Intelligence and Zero-Day Coverage – Week of October 30, 2017

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing) | Date: Fri, 03 Nov 2017 16:00:09 +0000

Competition is inherent in our DNA. At a basic level, we compete for things like water and food. We also take it up a level and compete for wealth, fame and power. Some compete to be the best in sports, like my Houston Astros winning the 2017 World Series, and others compete to be the best in their industry. While most competitions end up with one winner, sometimes the trophy isn’t the prize. It’s what we learn from the competition that gives us the most value.

Earlier this week, the Zero Day Initiative (ZDI) held the Mobile Pwn2Own contest in Tokyo, Japan. This year’s contest ended up being our biggest contest ever. A total of 32 unique vulnerabilities were submitted to ZDI over the course of the contest. ZDI awarded contestants a whopping $515,000 as well as multiple mobile phones. Since the contestants “pwn” the phones, they get to own them. While there were several worthy contestants, only one can be crowned the Master of Pwn. Congratulations to the Tencent Keen Security Lab team for earning the Master of Pwn title.

While the Tencent Keen Security Lab team gets the cool trophy, we at Trend Micro get something even more valuable. The Zero Day Initiative works with the affected vendors to ensure they have the information they need to fix the vulnerabilities, and in turn, we get exclusive access to the vulnerability information so that we can provide protection to our customers while patches are being developed.

Read the Zero Day Initiative blog for more details and full coverage of the final Mobile Pwn2Own contest results.

Zero-Day Filters

There are 40 new zero-day filters covering eight vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendations, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website. You can also follow the Zero Day Initiative on Twitter @thezdi and on their blog.

Adobe (7)

  • 29811: ZDI-CAN-5139: Zero Day Initiative Vulnerability (Adobe Flash)
  • 29833: ZDI-CAN-5202: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 29834: ZDI-CAN-5203: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 29850: ZDI-CAN-5218: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 29851: ZDI-CAN-5219: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 29852: ZDI-CAN-5220: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
  • 29853: ZDI-CAN-5221: Zero Day Initiative Vulnerability (Adobe Reader DC)

Belkin (1)

  • 29835: ZDI-CAN-5206: Zero Day Initiative Vulnerability (Belkin Wemo Link)

Foxit (1)

  • 29849: ZDI-CAN-5216: Zero Day Initiative Vulnerability (Foxit Reader) 

Fuji Electric (1)

  • 29813: HTTP: Fuji Electric V-Server VPR File Parsing Memory Corruption Vulnerability (ZDI-17-485)

Microsoft (3)

  • 29799: ZDI-CAN-5115: Zero Day Initiative Vulnerability (Microsoft Chakra)
  • 29832: ZDI-CAN-5198: Zero Day Initiative Vulnerability (Microsoft Chakra)
  • 29848: ZDI-CAN-5215: Zero Day Initiative Vulnerability (Microsoft Chakra)

NetGain Systems (12)

  • 29800: ZDI-CAN-5118: Zero Day Initiative Vulnerability (NetGain Systems Enterprise Manager)
  • 29801: ZDI-CAN-5119: Zero Day Initiative Vulnerability (NetGain Systems Enterprise Manager)
  • 29809: ZDI-CAN-5137: Zero Day Initiative Vulnerability (NetGain Systems Enterprise Manager)
  • 29810: ZDI-CAN-5138: Zero Day Initiative Vulnerability (NetGain Systems Enterprise Manager)
  • 29822: ZDI-CAN-5190: Zero Day Initiative Vulnerability (NetGain Systems Enterprise Manager)
  • 29823: ZDI-CAN-5191: Zero Day Initiative Vulnerability (NetGain Systems Enterprise Manager)
  • 29824: ZDI-CAN-5192: Zero Day Initiative Vulnerability (NetGain Systems Enterprise Manager)
  • 29825: ZDI-CAN-5193: Zero Day Initiative Vulnerability (NetGain Systems Enterprise Manager)
  • 29826: ZDI-CAN-5194: Zero Day Initiative Vulnerability (NetGain Systems Enterprise Manager)
  • 29827: ZDI-CAN-5195: Zero Day Initiative Vulnerability (NetGain Systems Enterprise Manager)
  • 29828: ZDI-CAN-5196: Zero Day Initiative Vulnerability (NetGain Systems Enterprise Manager)
  • 29829: ZDI-CAN-5197: Zero Day Initiative Vulnerability (NetGain Systems Enterprise Manager)

QNAP (1)

  • 29836: ZDI-CAN-5209: Zero Day Initiative Vulnerability (QNAP QTS)

Trend Micro (14)

  • 29802: ZDI-CAN-5121: Zero Day Initiative Vulnerability (Trend Micro Control Manager)
  • 29803: ZDI-CAN-5122: Zero Day Initiative Vulnerability (Trend Micro Control Manager)
  • 29805: ZDI-CAN-5123,5124: Zero Day Initiative Vulnerability (Trend Micro Control Manager)
  • 29806: ZDI-CAN-5125-5129,5132,5134-5136: Zero Day Initiative Vulnerability (Trend Micro Control Manager)
  • 29808: ZDI-CAN-5133: Zero Day Initiative Vulnerability (Trend Micro Control Manager)
  • 29812: ZDI-CAN-5161: Zero Day Initiative Vulnerability (Trend Micro Control Manager)
  • 29814: ZDI-CAN-5162: Zero Day Initiative Vulnerability (Trend Micro Control Manager)
  • 29815: ZDI-CAN-5163: Zero Day Initiative Vulnerability (Trend Micro Control Manager)
  • 29816: ZDI-CAN-5164: Zero Day Initiative Vulnerability (Trend Micro Control Manager)
  • 29817: ZDI-CAN-5165: Zero Day Initiative Vulnerability (Trend Micro Control Manager)
  • 29818: ZDI-CAN-5166,5170: Zero Day Initiative Vulnerability (Trend Micro Control Manager)
  • 29819: ZDI-CAN-5169: Zero Day Initiative Vulnerability (Trend Micro Control Manager)
  • 29820: ZDI-CAN-5174: Zero Day Initiative Vulnerability (Trend Micro Control Manager)
  • 29854: ZDI-CAN-5232: Zero Day Initiative Vulnerability (Trend Micro Control Manager)

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.
