TippingPoint Threat Intelligence and Zero-Day Coverage – Week of July 17, 2017

Type trendmicroblog
Reporter Elisa Lippincott (TippingPoint Global Product Marketing)
Modified 2017-07-21T18:07:14


If you conduct a search on the Web for the number of languages spoken around the world, you’ll see numbers ranging anywhere from 6,000-7,000. I figure I’m doing okay since I can speak English and Spanish, sign the English alphabet, recite the Greek alphabet, and read music. There are roughly over 1.2 billion web sites on the Internet, yet, a large majority of those sites share the same programming language.

Earlier this week, Zero Day Initiative (ZDI) vulnerability researcher Simon Zuckerbraun published a blog discussing how JavaScript grew from a simple scripting language to become the assembly language of the web. According to the results of the 2016 StackOverflow Developer Survey, “JavaScript is the most commonly used programming language on Earth.” In addition to its role as a programming language, JavaScript often serves as the intermediate representation for dozens of other compiled languages. So you can imagine what can happen. A new class of security risk is emerging in connection with JavaScript – the danger of vulnerabilities in the execution engine itself. Simon’s blog is the first in a series on JavaScript vulnerabilities and how the broad implementation of the language affects the enterprise attack surface. You can read his blog here: Understanding Risk in the Unintended Giant: JavaScript.

Adobe Security Update

This week’s Digital Vaccine (DV) package includes coverage for Adobe updates released on or before July 11, 2017. The following table maps Digital Vaccine filters to the Adobe updates. Filters marked with an (*) shipped prior to this DV package, providing zero-day protection for our customers. You can get more detailed information on this month’s security updates from Dustin Childs’ July 2017 Security Update Review from the Zero Day Initiative:

Bulletin # | CVE # | Digital Vaccine Filter # | Status
APSB17-21 | CVE-2017-3080 | 29078 |
APSB17-21 | CVE-2017-3099 | 29130 |
APSB17-21 | CVE-2017-3100 | *28917 |

Zero-Day Filters

There is one new zero-day filter covering one vendor in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website.

Adobe (1)


  • 29078: HTTP: Adobe Flash Broker API Information Disclosure Vulnerability (ZDI-17-486)

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.