Lucene search

K
trendmicroblogElisa Lippincott (TippingPoint Global Product Marketing)TRENDMICROBLOG:E671F1DA89C14989CDFAEB298B71BF9D
HistoryJul 14, 2017 - 12:00 p.m.

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of July 10, 2017

2017-07-1412:00:02
Elisa Lippincott (TippingPoint Global Product Marketing)
blog.trendmicro.com
245

0.973 High

EPSS

Percentile

99.8%

Before the world of laptops, tablets and smart phones, some of us had to use paper-based solutions to keep track of our calendars and to-do lists. I used a Franklin Planner, where I kept track of my calendar as well as my never-ending to-do list. The Franklin Planner used the “ABC” system to help you prioritize your tasks. If you use Microsoft Outlook, you can see this same approach in the Tasks section where you can assign your items with a high, normal, or low priority.

If you have a large number of tasks on your plate, it’s a nice and easy way to prioritize what you need to work on first.

Now imagine using a Franklin planner to prioritize thousands of security events in your network every 30 seconds? It’s inconceivable! Even if you have an arsenal of security tools at your disposal, how do you determine what to focus on first? To help our customers make sense of what’s going on in their network, we recently announced SMS Threat Insights, a new feature in our TippingPoint Security Management System (SMS). SMS Threat Insights aggregates threat data from multiple sources and compiles it to help you prioritize security response measures, increase visibility into current and potential threats impacting your network, and provide insight into preemptive protection actions that may have already been taken. You can learn more about SMS Threat Insights from my blog: Not All Threats Are Created Equal. If you want to see SMS Threat Insights in action, get a quick demo here.

Microsoft Update

This week’s Digital Vaccine (DV) package includes coverage for Microsoft updates released on or before July 11, 2017. Microsoft released patches for Windows, Internet Explorer, Edge, Office, SharePoint, .NET Framework, Exchange, and HoloLens. A total of 19 of these CVEs are rated Critical. The following table maps Digital Vaccine filters to the Microsoft updates. You can get more detailed information on this month’s security updates from Dustin Childs’ July 2017 Security Update Review from the Zero Day Initiative:

CVE # Digital Vaccine Filter # Status
CVE-2017-0170 No Vendor Intelligence Provided
CVE-2017-0243 29051
CVE-2017-8463 No Vendor Intelligence Provided
CVE-2017-8467 No Vendor Intelligence Provided
CVE-2017-8486 No Vendor Intelligence Provided
CVE-2017-8495 No Vendor Intelligence Provided
CVE-2017-8501 No Vendor Intelligence Provided
CVE-2017-8502 No Vendor Intelligence Provided
CVE-2017-8556 No Vendor Intelligence Provided
CVE-2017-8557 No Vendor Intelligence Provided
CVE-2017-8559 No Vendor Intelligence Provided
CVE-2017-8560 No Vendor Intelligence Provided
CVE-2017-8561 No Vendor Intelligence Provided
CVE-2017-8562 No Vendor Intelligence Provided
CVE-2017-8563 No Vendor Intelligence Provided
CVE-2017-8564 No Vendor Intelligence Provided
CVE-2017-8565 No Vendor Intelligence Provided
CVE-2017-8566 No Vendor Intelligence Provided
CVE-2017-8569 No Vendor Intelligence Provided
CVE-2017-8570 No Vendor Intelligence Provided
CVE-2017-8573 No Vendor Intelligence Provided
CVE-2017-8574 No Vendor Intelligence Provided
CVE-2017-8577 29054
CVE-2017-8578 29055
CVE-2017-8580 Insufficient Vendor Information
CVE-2017-8581 No Vendor Intelligence Provided
CVE-2017-8582 No Vendor Intelligence Provided
CVE-2017-8584 No Vendor Intelligence Provided
CVE-2017-8585 No Vendor Intelligence Provided
CVE-2017-8587 No Vendor Intelligence Provided
CVE-2017-8588 No Vendor Intelligence Provided
CVE-2017-8589 No Vendor Intelligence Provided
CVE-2017-8590 No Vendor Intelligence Provided
CVE-2017-8592 29048
CVE-2017-8594 29046
CVE-2017-8595 No Vendor Intelligence Provided
CVE-2017-8596 No Vendor Intelligence Provided
CVE-2017-8598 29050
CVE-2017-8599 No Vendor Intelligence Provided
CVE-2017-8601 29047
CVE-2017-8602 No Vendor Intelligence Provided
CVE-2017-8603 No Vendor Intelligence Provided
CVE-2017-8604 No Vendor Intelligence Provided
CVE-2017-8605 29049
CVE-2017-8606 No Vendor Intelligence Provided
CVE-2017-8607 No Vendor Intelligence Provided
CVE-2017-8608 No Vendor Intelligence Provided
CVE-2017-8609 No Vendor Intelligence Provided
CVE-2017-8610 No Vendor Intelligence Provided
CVE-2017-8611 No Vendor Intelligence Provided
CVE-2017-8617 29056
CVE-2017-8618 29045
CVE-2017-8619 29057

End of Sale/End of Life Announcement for TippingPoint N-Series (S660N and S1400N)

Last week, we announced the end-of-sale (EOS) and end-of-life (EOL) dates for the TippingPoint N-Series solutions (S660N and S1400N). The last day to order the affected products is September 30, 2017 while quantities last. Customers with active maintenance contracts will continue to receive support from TippingPoint’s Technical Assistance Center (TAC) for five years after the end-of-sale date. Maintenance contracts can continue to be purchased to cover the five years of support following the end-of-sale date, however, they must be purchased during the first two years following the end-of-sale date as described in the table below. Maintenance contracts cannot be extend beyond the end-of-support date.

Impacted Product SKUs and Descriptions

Part Number**(HP/Trend Micro)** Device Description End of Sale Date
JC019A/TPNN0020 TippingPoint S660N Intrusion Prevention System September 30, 2017
JC020A/TPNN0023 TippingPoint S1400N Intrusion Prevention System September 30, 2017

Product End of Life Dates

Milestone Definition End of Sale Date
End of Sale Announcement The date on which Trend Micro announces the upcoming end of sale and end of support of a product. July 7, 2017
End of Sale (Appliance) The last date to order a product through Trend Micro point of sale. The product is removed from the price list after this date. September 30, 2017
End of Sale (Maintenance Renewals) The last date to order maintenance renewals. September 30, 2019
End of Support The last date that support calls will be accepted for the affected product. RMA’s will cease after this date. Digital Vaccine and ThreatDV updates will cease for the affected products after this date. September 30, 2022

We recommend that customers upgrade to the most current TippingPoint security platforms. At the time of this bulletin, the Threat Protection System (TPS) models 440T, 2200T and vTPS are the most comparable models to the 660N and 1400N. Contact your sales representative for more information:

|

  • TippingPoint 440T Threat Protection System (TPNN0002)
  • TippingPoint 2200T Threat Protection System (TPNN0005)
  • TippingPoint 2600NX Intrusion Prevention System (TPNN0048)
  • Virtual Threat Protection System (TPTN0060)
    —|—
    |

Customers with concerns or questions regarding this issue can contact the Trend Micro TippingPoint Technical Assistance Center (TAC).

Zero-Day Filters

There is one new zero-day filter covering one vendor in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website.

Linksys (1)

|

  • 29060: ZDI-CAN-4892: Zero Day Initiative Vulnerability (Linksys WVBR0)_ _
    —|—
    |

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.

0.973 High

EPSS

Percentile

99.8%

Related for TRENDMICROBLOG:E671F1DA89C14989CDFAEB298B71BF9D