{"id":6413,"date":"2017-01-27T12:00:35","date_gmt":"2017-01-27T20:00:35","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/01\/27\/news-250\/"},"modified":"2017-01-27T12:00:35","modified_gmt":"2017-01-27T20:00:35","slug":"news-250","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/01\/27\/news-250\/","title":{"rendered":"Tipping Point Threat Intelligence and Zero-Day Coverage \u2013 Week of January 23, 2017"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"205\" src=\"http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205-300x205.jpg\" class=\"attachment-medium size-medium wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" srcset=\"http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205.jpg 300w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205-125x85.jpg 125w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>They say security never sleeps. I wish I could go for days without sleeping, because I could get so much done. Unfortunately, we\u2019re just not built that way, which explains why my post this week is a few hours later than usual. I could say, \u201cbetter late than never,\u201d but that would definitely not apply to the security world, especially if someone\u2019s data was compromised. Whether it\u2019s late or never, the only winner is the attacker that compromised your network.<\/p>\n<p>With the Zero Day Initiative, we are fortunate to have exclusive access to vulnerability information submitted to the program. While ZDI works with the affected vendor to make sure they have the information they need to work on a patch, we protect our customers an average of 57 days before a patch is issued. In 2016, ZDI published a record 677 advisories covering almost 50 vendors. We\u2019re only in the first month of 2017 and ZDI has already published 57 vulnerabilities. 
We will definitely see more as we prepare for the 10<sup>th<\/sup> anniversary of the <a href=\"http:\/\/blog.trendmicro.com\/pwn2own-returns-for-2017-to-celebrate-10-years-of-exploits\/\">Pwn2Own contest in March<\/a>. Make sure to follow the Zero Day Initiative on <a href=\"https:\/\/twitter.com\/thezdi\">Twitter<\/a> for all the latest information leading up to the contest!<\/p>\n<p><strong>Microsoft Patch Tuesday Update<\/strong><\/p>\n<p>This week\u2019s Digital Vaccine (DV) package includes additional coverage for the Microsoft Security Bulletins released earlier this month. The following table maps one Digital Vaccine filter to the Microsoft Security Bulletins.<\/p>\n<div class=\"lightTable\">\n<table width=\"896\">\n<tbody>\n<tr>\n<td width=\"140\"><strong>Bulletin #<\/strong><\/td>\n<td width=\"183\"><strong>CVE #<\/strong><\/td>\n<td width=\"221\"><strong>Digital Vaccine Filter #<\/strong><\/td>\n<td width=\"337\"><strong>Status<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"140\">MS17-001<\/td>\n<td width=\"183\">CVE-2017-0002<\/td>\n<td width=\"221\">26639<\/td>\n<td width=\"337\"><\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<p><strong>Zero-Day Filters<\/strong><\/p>\n<p>There are 10 new zero-day filters covering four vendors in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendations, increase filter accuracy and\/or optimize performance. 
You can browse the list of <a href=\"http:\/\/www.zerodayinitiative.com\/advisories\/published\/\">published advisories<\/a> and <a href=\"http:\/\/www.zerodayinitiative.com\/advisories\/upcoming\/\">upcoming advisories<\/a> on the <a href=\"http:\/\/www.zerodayinitiative.com\/\">Zero Day Initiative<\/a> website.<\/p>\n<p><strong><em>Adobe (2)<\/em><\/strong><\/p>\n<ul>\n<li>26631: ZDI-CAN-4318: Zero Day Initiative Vulnerability (Adobe Reader DC)<\/li>\n<li>26638: HTTP: Adobe Flash loadPCMFromByteArray Integer Overflow Vulnerability (ZDI-13-021)<\/li>\n<\/ul>\n<p><strong><em>Hewlett Packard Enterprise (1)<\/em><\/strong><\/p>\n<ul>\n<li>26629: HTTPS: HP Diagnostics Server magentservice.exe Buffer Overflow Vulnerability (ZDI-12-162)<\/li>\n<\/ul>\n<p><strong><em>Microsoft (1)<\/em><\/strong><\/p>\n<ul>\n<li>26700: ZDI-CAN-4218: Zero Day Initiative Vulnerability (Microsoft Internet Explorer)<\/li>\n<\/ul>\n<p><strong><em>Trend Micro (6)<\/em><\/strong><\/p>\n<ul>\n<li>26508: ZDI-CAN-4320: Zero Day Initiative Vulnerability (Trend Micro Data Loss Prevention Manager)<\/li>\n<li>26633: ZDI-CAN-4311: Zero Day Initiative Vulnerability (Trend Micro InterScan Web Security VA)<\/li>\n<li>26634: ZDI-CAN-4312: Zero Day Initiative Vulnerability (Trend Micro InterScan Web Security VA)<\/li>\n<li>26635: ZDI-CAN-4313: Zero Day Initiative Vulnerability (Trend Micro InterScan Web Security VA)<\/li>\n<li>26636: ZDI-CAN-4315: Zero Day Initiative Vulnerability (Trend Micro InterScan Web Security VA)<\/li>\n<li>26637: ZDI-CAN-4321: Zero Day Initiative Vulnerability (Trend Micro Data Loss Prevention Manager)<\/li>\n<\/ul>\n<p><strong>Missed Last Week\u2019s News?<\/strong><\/p>\n<p>Catch up on last week\u2019s news in my <a 
href=\"http:\/\/blog.trendmicro.com\/tippingpoint-threat-intelligence-zero-day-coverage-week-january-16-2017\/\">weekly recap<\/a>.<\/p>\n<p><a href=\"http:\/\/blog.trendmicro.com\/tipping-point-threat-intelligence-zero-day-coverage-week-january-23-2017\/\" target=\"bwo\" >http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"205\" src=\"http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205-300x205.jpg\" class=\"attachment-medium size-medium wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" srcset=\"http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205.jpg 300w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2016\/04\/TP-WeeklyBlog-300x205-125x85.jpg 125w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/>They say security never sleeps. I wish I could go for days without sleeping, because I could get so much done. Unfortunately, we\u2019re just not built that way, which explains why my post this week is a few hours later than usual. 
I could say, \u201cbetter late than never,\u201d but that would definitely not apply&#8230;<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10384,714,10415],"class_list":["post-6413","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-network","tag-security","tag-zero-day-initiative"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/6413","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=6413"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/6413\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=6413"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=6413"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=6413"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}