{"id":7346,"date":"2017-04-14T06:00:19","date_gmt":"2017-04-14T14:00:19","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/04\/14\/news-1137\/"},"modified":"2017-04-14T06:00:19","modified_gmt":"2017-04-14T14:00:19","slug":"news-1137","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/04\/14\/news-1137\/","title":{"rendered":"TippingPoint Threat Intelligence and Zero-Day Coverage \u2013 Week of April 10, 2017"},"content":{"rendered":"

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 14 Apr 2017 13:36:54 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Earlier this week marked the end of support<\/a> for Windows Vista. This means anyone using Vista will no longer receiving new security updates, non-security hotfixes, free or paid assisted support options, or online technical content updates from Microsoft. If you\u2019re unable to update your version of Windows, this is where virtual patching becomes very important. Virtual patching gives you added protection when patches aren\u2019t available. Our solutions can help you gain control of your patch management lifecycle with pre-emptive coverage between the discovery of a vulnerability and the availability of a patch, as well as protection for legacy, out-of-support software.<\/p>\n

This month also marks the end of Microsoft security bulletins. I liked using a RSS feed to see the latest Microsoft bulletins, but now, Microsoft is directing everyone to their Security Update Guide, where you can search by CVE or Knowledge Base article. Time will tell how IT admins will adjust to the new format. As you\u2019ll see in the Microsoft update below, my table is a little different now since there is no longer a Microsoft bulletin number associated with the CVEs.<\/p>\n

Microsoft Update<\/strong><\/p>\n

This week\u2019s Digital Vaccine (DV) package includes coverage for Microsoft updates released on or before April 11, 2017. Patches were released for 45 unique CVEs in Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office and Microsoft Office Services and Web Apps, Visual Studio for Mac, .NET Framework, Silverlight and Adobe Flash Player. The following table maps Digital Vaccine filters to the Microsoft updates. You can get more detailed information on this month\u2019s security updates from Dustin Childs\u2019 April 2017 Security Update Review<\/a>:<\/p>\n

\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
CVE #<\/strong><\/td>\nDigital Vaccine Filter #<\/strong><\/td>\nStatus<\/strong><\/td>\n<\/tr>\n
CVE-2013-6629<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0058<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0093<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0106<\/td>\n27423<\/td>\n<\/td>\n<\/tr>\n
CVE-2017-0155<\/td>\n27727<\/td>\n<\/td>\n<\/tr>\n
CVE-2017-0158<\/td>\n27719<\/td>\n<\/td>\n<\/tr>\n
CVE-2017-0159<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0160<\/td>\n27740<\/td>\n<\/td>\n<\/tr>\n
CVE-2017-0162<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0163<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0164<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0165<\/td>\n27739<\/td>\n<\/td>\n<\/tr>\n
CVE-2017-0166<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0167<\/td>\n27729<\/td>\n<\/td>\n<\/tr>\n
CVE-2017-0168<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0169<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0178<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0179<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0180<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0181<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0182<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0183<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0184<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0185<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0186<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0188<\/td>\n27731<\/td>\n<\/td>\n<\/tr>\n
CVE-2017-0189<\/td>\n27732<\/td>\n<\/td>\n<\/tr>\n
CVE-2017-0191<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0192<\/td>\n27733<\/td>\n<\/td>\n<\/tr>\n
CVE-2017-0194<\/td>\n27728<\/td>\n<\/td>\n<\/tr>\n
CVE-2017-0195<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0197<\/td>\n27736<\/td>\n<\/td>\n<\/tr>\n
CVE-2017-0199<\/td>\n27726<\/td>\n<\/td>\n<\/tr>\n
CVE-2017-0200<\/td>\n27723<\/td>\n<\/td>\n<\/tr>\n
CVE-2017-0201<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0202<\/td>\n27724<\/td>\n<\/td>\n<\/tr>\n
CVE-2017-0203<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0204<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0205<\/td>\n27725<\/td>\n<\/td>\n<\/tr>\n
CVE-2017-0207<\/td>\n<\/td>\nInsufficient Vendor Information<\/td>\n<\/tr>\n
CVE-2017-0208<\/td>\n27737<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n

 <\/p>\n

Zero-Day Filters<\/strong><\/p>\n

There are 15 new zero-day filters covering two vendors in this week\u2019s Digital Vaccine (DV) package. A number of existing filters in this week\u2019s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and\/or optimize performance. You can browse the list of published advisories<\/a> and upcoming advisories<\/a> on the Zero Day Initiative<\/a> website.<\/p>\n

Adobe (10)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 27554: ZDI-CAN-4431: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)<\/li>\n
  • 27556: ZDI-CAN-4432: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)<\/li>\n
  • 27748: ZDI-CAN-4486: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)<\/li>\n
  • 27749: ZDI-CAN-4487: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)<\/li>\n
  • 27750: ZDI-CAN-4488: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)<\/li>\n
  • 27751: ZDI-CAN-4489: Zero Day Initiative Vulnerability (Adobe Reader DC)<\/li>\n
  • 27753: ZDI-CAN-4490: Zero Day Initiative Vulnerability (Adobe Reader DC)<\/li>\n
  • 27808: ZDI-CAN-4491: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)<\/li>\n
  • 27809: ZDI-CAN-4492: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)<\/li>\n
  • 27811: ZDI-CAN-4493: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

MIcrosoft (5)<\/em><\/strong><\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • 27743: ZDI-CAN-4481: Zero Day Initiative Vulnerability (Microsoft Windows PDF Library)<\/li>\n
  • 27744: ZDI-CAN-4482: Zero Day Initiative Vulnerability (Microsoft Windows PDF Library)<\/li>\n
  • 27745: ZDI-CAN-4483: Zero Day Initiative Vulnerability (Microsoft Windows PDF Library)<\/li>\n
  • 27746: ZDI-CAN-4484: Zero Day Initiative Vulnerability (Microsoft Windows PDF Library)<\/li>\n
  • 27747: ZDI-CAN-4485: Zero Day Initiative Vulnerability (Microsoft Windows PDF Library)\u00a0<\/em><\/strong><\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Missed Last Week\u2019s News?<\/strong><\/p>\n

Catch up on last week\u2019s news in my weekly recap<\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 14 Apr 2017 13:36:54 +0000<\/strong><\/p>\n

\"\"Earlier this week marked the end of support for Windows Vista. This means anyone using Vista will no longer receiving new security updates, non-security hotfixes, free or paid assisted support options, or online technical content updates from Microsoft. If you\u2019re unable to update your version of Windows, this is where virtual patching becomes very important….<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10384,714,10415],"class_list":["post-7346","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-network","tag-security","tag-zero-day-initiative"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7346","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=7346"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7346\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=7346"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=7346"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=7346"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}