TippingPoint Threat Intelligence and Zero-Day Coverage – Week of August 8, 2016

A quinceañera is a Latin American “coming of age” celebration of a girl’s fifteenth birthday – similar to that of a Sweet Sixteen celebration in North America or a Bat Mitzvah in the Jewish community. Some quinceañeras can be as expensive as a small wedding or a down payment on an expensive car, so I opted not to have one when I turned 15. It was still a special birthday nonetheless.

Whether you spend time with a small group of friends or dress up like a princess, birthdays are worth celebrating, especially the big ones. On August 10, TippingPoint celebrated its 15^th birthday. We’ve had different company names and different owners throughout the years, and I thank my lucky stars I’ve been able to see it all unfold from the very beginning. It has been a fun, crazy ride meeting and working with some of the smartest and most talented people in the security industry, many whom I consider family. We’re now part of Trend Micro and I look forward to our exciting journey ahead. Happy Birthday TippingPoint! I wish you many more!

Microsoft Patch Tuesday Update

This week’s Digital Vaccine (DV) package includes coverage for the Microsoft Security Bulletins released on or before August 9, 2016. This month’s Patch Tuesday covered 34 CVEs with nine update bulletins – five of them rated critical. The following table maps Digital Vaccine filters to the Microsoft Security Bulletins. Filters designated with an asterisk (*) shipped prior to this week’s package, providing zero-day protection for our customers:

TippingPoint Operating System (TOS) v3.8.4 Maintenance Release

Earlier this week, the TippingPoint Operating System (TOS) v3.8.4 was released. TippingPoint recommends upgrading to TOS v3.8.4 as it addresses product bulletin #1061 and other important issues further detailed in the release notes along with the following changes:

Customers should refer to the release notes for the complete list of enhancements and changes. For Release Notes and other product documentation, customers can visit the Threat Management Center (TMC) website at https://tmc.tippingpoint.com.

Zero-Day Filters

There are 14 new zero-day filters covering seven vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website.

Adobe (5)

Microsoft (3)

Foxit (2)

Hewlett Packard Enterprise (1)

Lepide (1)

Novell (1)

Schneider Electric (1)

Updated Existing Zero-Day Filters

This section highlights specific filter(s) of interest in this week’s Digital Vaccine package that have been updated as a result of a vendor either issuing a patch for a vulnerability found via the Zero Day Initiative or a vulnerability that has been published by the Zero Day Initiative in accordance with its Disclosure Policy.

A few of the filters we have for this month’s Microsoft bulletins have been updated to reflect the fact that the vulnerabilities have been patched:

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap posted on the Trend Micro Simply Security blog!