{"id":6683,"date":"2017-02-17T15:00:05","date_gmt":"2017-02-17T23:00:05","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/02\/17\/news-502\/"},"modified":"2017-02-17T15:00:05","modified_gmt":"2017-02-17T23:00:05","slug":"news-502","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/02\/17\/news-502\/","title":{"rendered":"TippingPoint Threat Intelligence and Zero-Day Coverage \u2013 Week of February 13, 2017"},"content":{"rendered":"

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 17 Feb 2017 21:50:12 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Love was in the air earlier this week. This past Tuesday was Valentine\u2019s Day and what should have been Microsoft\u2019s \u201cPatch Tuesday,\u201d but it was reported<\/a> last month that Patch Tuesday would never be the same as Microsoft moves to a process that includes an online searchable database and automatic updates. I was wondering what this month would look like given the new process. It looks like I\u2019m going to have to wait a little longer.<\/p>\n

On February 14, Microsoft announced<\/a> that due to a last minute issue, they are delaying this month\u2019s updates until March 14. What makes matters worse is the fact there is Windows Server SMB zero-day flaw being exploited in the wild that can result in denial of service attacks. US-CERT has also issued<\/a> a vulnerability note on the issue. The good news is that TippingPoint customers are already protected from this flaw with the following Digital Vaccine filter that was released to customers on February 7, 2017:<\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 26893: SMB: Microsoft Windows mrxsmb20.dll Denial-of-Service Vulnerability<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Zero-Day Filters<\/strong><\/p>\n

There are five new zero-day filters covering four vendors in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and\/or optimize performance. You can browse the list of published advisories<\/a> and upcoming advisories<\/a> on the Zero Day Initiative<\/a> website.<\/p>\n

Adobe (2)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 26884: HTTP: Adobe Reader DC JPEG2000 Parsing Information Disclosure Vulnerability (ZDI-17-004)\u00a0<\/em><\/strong><\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Fatek (1)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 26896: HTTP: Fatek Automation PLC WinProladder Buffer Overflow Vulnerability (ZDI-16-672)\u00a0<\/em><\/strong><\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Foxit (1)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 26832: HTTP: Foxit Reader alert Use-After-Free Vulnerability (ZDI-17-034)\u00a0<\/em><\/strong><\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

IBHsoftec (1)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 25843: HTTP: IBHsoftec S7-SoftPLC CPX43 Large Data Packet (ZDI-16-604)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Missed Last Week\u2019s News?<\/strong><\/p>\n

Catch up on last week\u2019s news in my weekly recap<\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 17 Feb 2017 21:50:12 +0000<\/strong><\/p>\n

\"\"Love was in the air earlier this week. This past Tuesday was Valentine\u2019s Day and what should have been Microsoft\u2019s \u201cPatch Tuesday,\u201d but it was reported last month that Patch Tuesday would never be the same as Microsoft moves to a process that includes an online searchable database and automatic updates. I was wondering what…<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10384,714,10415],"class_list":["post-6683","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-network","tag-security","tag-zero-day-initiative"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/6683","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=6683"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/6683\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=6683"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=6683"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=6683"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}