{"id":12865,"date":"2018-07-20T09:00:02","date_gmt":"2018-07-20T17:00:02","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2018\/07\/20\/news-6632\/"},"modified":"2018-07-20T09:00:02","modified_gmt":"2018-07-20T17:00:02","slug":"news-6632","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/07\/20\/news-6632\/","title":{"rendered":"Zero-Day Coverage Update \u2013 Week of July 16, 2018"},"content":{"rendered":"

Credit to Author: Elisa Lippincott (Global Threat Communications)| Date: Fri, 20 Jul 2018 15:24:42 +0000<\/strong><\/p>\n

\"\"<\/p>\n

One night this week, I came across one of my favorite movies Willy Wonka and the Chocolate Factory. The world had gone crazy after the reclusive Willy Wonka announces that he has hidden five golden tickets in chocolate Wonka Bars that promised a factory tour and a lifetime supply of chocolate. There\u2019s a scene at a school where a teacher, Mr. Turkentine, decides to teach the kids about percentages and uses the Wonka Bars as an example. He asks one student how many Wonka Bars she bought and she replied, \u201cAbout a hundred.\u201d Mr. Turkentine tells her that there are ten hundreds in a thousand so that\u2019s 10 percent. He asks a couple of other students and the percentages are easy to figure out. Then he asks Charlie Bucket, a poor paperboy, how many Wonka Bars he bought, and he says \u201cTwo.\u201d Mr. Turkentine replied, \u201cTwo? What do you mean you only opened two? I can\u2019t figure out the percentage for just two, so let\u2019s just pretend you opened two hundred.\u201d<\/p>\n

While Mr. Turkentine has trouble with percentages, the Zero Day Initiative (ZDI) doesn\u2019t. This month, Adobe had a bigger than normal patch for their Acrobat product, covering 107 CVEs. 68 of those CVEs came through the ZDI program! I don\u2019t have any trouble figuring out that percentage \u2013 that\u2019s 63.6% of the Acrobat vulnerabilities that came through ZDI. The \u201cgolden ticket\u201d for Trend Micro customers isn\u2019t a lifetime of chocolate, but preemptive protection against these bugs!<\/p>\n

MindshaRE: An Introduction to PyKD<\/strong><\/p>\n

Earlier this week, ZDI researcher Abdul-Aziz Hariri posted a blog<\/a> covering the topic of using PyKD to help automate debugging tasks and crash dump analysis using Python. His post is part of the MindshaRE blog series that provides insight on various reversing techniques to security researchers and reverse engineers. The blog demonstrates the installation and basic configuration of PyKD and goes on the show how it can be used to execute Python script from inside WinDBG. You can read the full blog here<\/a>.<\/p>\n

Adobe Security Update<\/strong><\/p>\n

This week\u2019s Digital Vaccine (DV) package includes coverage for Adobe updates released on or before July 10, 2018. The following table maps Digital Vaccine filters to the Microsoft updates. You can get more detailed information on this month\u2019s security updates from Dustin Childs\u2019 July 2018 Security Update Review<\/a> from the Zero Day Initiative:<\/p>\n

\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Bulletin #<\/strong><\/td>\nCVE #<\/strong><\/td>\nDigital Vaccine Filter<\/strong><\/td>\nStatus<\/strong><\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5009<\/td>\n32561<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5010<\/td>\n32562<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5011<\/td>\n32563<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5012<\/td>\n32564<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12799<\/td>\n32670<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12803<\/td>\n32565<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5014<\/td>\n32566<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5015<\/td>\n32567<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5016<\/td>\n32568<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5017<\/td>\n32569<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5018<\/td>\n32570<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5019<\/td>\n32571<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5020<\/td>\n32573<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5021<\/td>\n32574<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5022<\/td>\n32575<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5023<\/td>\n32576<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5024<\/td>\n32577<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5025<\/td>\n32578<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5026<\/td>\n32579<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5027<\/td>\n32580<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5028<\/td>\n32581<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5029<\/td>\n32582<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5030<\/td>\n32583<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5031<\/td>\n32584<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5032<\/td>\n32585<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5033<\/td>\n32586<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5034<\/td>\n32587<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5035<\/td>\n32588<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5036<\/td>\n32589<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5037<\/td>\n32590<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5038<\/td>\n32591<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5039<\/td>\n32592<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5040<\/td>\n32593<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5041<\/td>\n32594<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5042<\/td>\n32595<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5043<\/td>\n32596<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5044<\/td>\n32597<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5045<\/td>\n32598<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5046<\/td>\n32599<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5047<\/td>\n32600<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5048<\/td>\n32601<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5049<\/td>\n32602<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5050<\/td>\n32603<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5051<\/td>\n32604<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5052<\/td>\n32605<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5053<\/td>\n32606<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5054<\/td>\n32607<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5055<\/td>\n32608<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5056<\/td>\n32609<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5057<\/td>\n32610<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5058<\/td>\n32611<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5059<\/td>\n32612<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5060<\/td>\n32613<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5061<\/td>\n32614<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5062<\/td>\n32615<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5063<\/td>\n32616<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5064<\/td>\n32617<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5065<\/td>\n32618<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5066<\/td>\n32619<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5067<\/td>\n32620<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5068<\/td>\n32621<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5069<\/td>\n32622<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-5070<\/td>\n32623<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12754<\/td>\n32624<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12755<\/td>\n32625<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12756<\/td>\n32626<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12757<\/td>\n32627<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12758<\/td>\n32628<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12760<\/td>\n32629<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12761<\/td>\n32630<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12762<\/td>\n32631<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12763<\/td>\n32632<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12764<\/td>\n32633<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12765<\/td>\n32634<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12766<\/td>\n32635<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12767<\/td>\n32636<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12768<\/td>\n32637<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12770<\/td>\n32638<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12771<\/td>\n32639<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12772<\/td>\n32640<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12773<\/td>\n32641<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12774<\/td>\n32642<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12776<\/td>\n32643<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12777<\/td>\n32644<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12779<\/td>\n32645<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12780<\/td>\n32646<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12781<\/td>\n32647<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12782<\/td>\n32648<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12783<\/td>\n32649<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12784<\/td>\n<\/td>\nVendor Deemed Reproducibility or Exploitation Unlikely<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12785<\/td>\n32650<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12786<\/td>\n32651<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12787<\/td>\n32652<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12788<\/td>\n32653<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12789<\/td>\n32654<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12790<\/td>\n32655<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12791<\/td>\n32656<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12792<\/td>\n32657<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12802<\/td>\n<\/td>\nVendor Deemed Reproducibility or Exploitation Unlikely<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12793<\/td>\n32658<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12794<\/td>\n32659<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12795<\/td>\n32660<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12796<\/td>\n32661<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12797<\/td>\n32662<\/td>\n<\/td>\n<\/tr>\n
APSB18-21<\/td>\nCVE-2018-12798<\/td>\n32663<\/td>\n<\/td>\n<\/tr>\n
APSB18-24<\/td>\nCVE-2018-5007<\/td>\n32559<\/td>\n<\/td>\n<\/tr>\n
APSB18-24<\/td>\nCVE-2018-5008<\/td>\n32560<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n

 <\/p>\n

Zero-Day Filters<\/strong><\/p>\n

There are no new zero-day filters in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and\/or optimize performance. You can browse the list of published advisories<\/a> and upcoming advisories<\/a> on the Zero Day Initiative<\/a> website. You can also follow the Zero Day Initiative on Twitter @thezdi<\/a> and on their blog<\/a>.<\/p>\n

Missed Last Week\u2019s News?<\/strong><\/p>\n

Catch up on last week\u2019s news in my weekly recap<\/a>.<\/p>\n

The post Zero-Day Coverage Update \u2013 Week of July 16, 2018<\/a> appeared first on <\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Elisa Lippincott (Global Threat Communications)| Date: Fri, 20 Jul 2018 15:24:42 +0000<\/strong><\/p>\n

\"\"<\/p>\n

One night this week, I came across one of my favorite movies Willy Wonka and the Chocolate Factory. The world had gone crazy after the reclusive Willy Wonka announces that he has hidden five golden tickets in chocolate Wonka Bars that promised a factory tour and a lifetime supply of chocolate. There\u2019s a scene at…<\/p>\n

The post Zero-Day Coverage Update \u2013 Week of July 16, 2018<\/a> appeared first on <\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10384,714,10415],"class_list":["post-12865","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-network","tag-security","tag-zero-day-initiative"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12865","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=12865"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12865\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=12865"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=12865"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=12865"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}