TippingPoint Threat Intelligence and Zero-Day Coverage – Week of November 20, 2017
Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing) | Date: Wed, 22 Nov 2017 14:10:15 +0000
It’s that time of year again, when many will gather with their families, eat way too much, and catch those crazy Black Friday sales. I’ve been seeing “Black Friday” sales for almost two weeks now. Cyber Monday, which falls on the Monday after the U.S. Thanksgiving holiday, is probably going to be coupled with news of increased identity theft incidents.
I’ve said it before and I’ll say it again: if you choose to skip Black Friday and wait for Cyber Monday, watch out for “great deals” you learn about via email or social media (don’t click the links!). Don’t use free public Wi-Fi to make purchases, and make sure the sites you visit are secure (HTTPS) and have a valid encryption certificate. If you’re using your mobile phone, make sure you download apps from official app marketplaces or use a retailer’s actual URL. I hope you all have a safe and Happy Thanksgiving!
Adobe Security Update
This week’s Digital Vaccine® (DV) package includes coverage for Adobe updates released on or before November 14, 2017. The following table maps Digital Vaccine filters to the Adobe updates. Filters marked with an asterisk (*) shipped prior to this DV package, providing preemptive zero-day protection for customers. You can get more detailed information on this month’s security updates from Dustin Childs’ November 2017 Security Update Review from the Zero Day Initiative.
Bulletin # | CVE # | Digital Vaccine Filter # | Status |
APSB17-36 | CVE-2017-16360 | 29994 | |
APSB17-36 | CVE-2017-16361 | 29999 | |
APSB17-36 | CVE-2017-16362 | 30030 | |
APSB17-36 | CVE-2017-16363 | 30023 | |
APSB17-36 | CVE-2017-16364 | 30006 | |
APSB17-36 | CVE-2017-16365 | 30027 | |
APSB17-36 | CVE-2017-16366 | 30019 | |
APSB17-36 | CVE-2017-16367 | 30014 | |
APSB17-36 | CVE-2017-16368 | 30015 | |
APSB17-36 | CVE-2017-16369 | *28924 | |
APSB17-36 | CVE-2017-16370 | 29996 | |
APSB17-36 | CVE-2017-16371 | 30001 | |
APSB17-36 | CVE-2017-16372 | 30004 | |
APSB17-36 | CVE-2017-16373 | 30039 | |
APSB17-36 | CVE-2017-16374 | 30044 | |
APSB17-36 | CVE-2017-16375 | 30043 | |
APSB17-36 | CVE-2017-16376 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
APSB17-36 | CVE-2017-16377 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
APSB17-36 | CVE-2017-16378 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
APSB17-36 | CVE-2017-16379 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
APSB17-36 | CVE-2017-16380 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
APSB17-36 | CVE-2017-16381 | *29639 | |
APSB17-36 | CVE-2017-16382 | *29638 | |
APSB17-36 | CVE-2017-16383 | *29637 | |
APSB17-36 | CVE-2017-16384 | *29636 | |
APSB17-36 | CVE-2017-16385 | *29635 | |
APSB17-36 | CVE-2017-16386 | *29584 | |
APSB17-36 | CVE-2017-16387 | *29484 | |
APSB17-36 | CVE-2017-16388 | 30040 | |
APSB17-36 | CVE-2017-16389 | 30041 | |
APSB17-36 | CVE-2017-16390 | 29998 | |
APSB17-36 | CVE-2017-16391 | 30003 | |
APSB17-36 | CVE-2017-16392 | 30002 | |
APSB17-36 | CVE-2017-16393 | 30005 | |
APSB17-36 | CVE-2017-16394 | 30035 | |
APSB17-36 | CVE-2017-16395 | 30037 | |
APSB17-36 | CVE-2017-16396 | 30032 | |
APSB17-36 | CVE-2017-16397 | 30000 | |
APSB17-36 | CVE-2017-16398 | 29995 | |
APSB17-36 | CVE-2017-16399 | 29997 | |
APSB17-36 | CVE-2017-16400 | *29852 | |
APSB17-36 | CVE-2017-16401 | *29851 | |
APSB17-36 | CVE-2017-16402 | *29853 | |
APSB17-36 | CVE-2017-16403 | *29833 | |
APSB17-36 | CVE-2017-16404 | *29850 | |
APSB17-36 | CVE-2017-16405 | 30038 | |
APSB17-36 | CVE-2017-16406 | 30042 | |
APSB17-36 | CVE-2017-16407 | 30045 | |
APSB17-36 | CVE-2017-16408 | 30034 | |
APSB17-36 | CVE-2017-16409 | 30036 | |
APSB17-36 | CVE-2017-16410 | 30024 | |
APSB17-36 | CVE-2017-16411 | 30021 | |
APSB17-36 | CVE-2017-16412 | 30020 | |
APSB17-36 | CVE-2017-16413 | 30018 | |
APSB17-36 | CVE-2017-16414 | 30016 | |
APSB17-36 | CVE-2017-16415 | 30025 | |
APSB17-36 | CVE-2017-16416 | 30007 | |
APSB17-36 | CVE-2017-16417 | 30013 | |
APSB17-36 | CVE-2017-16418 | 30017 | |
APSB17-36 | CVE-2017-16419 | 30022 | |
APSB17-36 | CVE-2017-16420 | 30026 | |
APSB17-36 | CVE-2017-11293 | | Vendor Deemed Reproducibility or Exploitation Unlikely |
APSB17-33 | CVE-2017-3112 | 30008 | |
APSB17-33 | CVE-2017-3114 | 30009 | |
APSB17-33 | CVE-2017-11213 | 30010 | |
APSB17-33 | CVE-2017-11215 | 30011 | |
APSB17-33 | CVE-2017-11225 | 30012 | |
Zero-Day Filters
There are no new zero-day filters in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendations, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website. You can also follow the Zero Day Initiative on Twitter @thezdi and on their blog.
Missed Last Week’s News?
Catch up on last week’s news in my weekly recap.