Zero-Day Coverage Update – Week of July 2, 2018

0

The General Data Protection Regulation (GDPR) has been up and running for a couple of months now and your organization is compliant. It’s time to take a little break – well, not so fast! Late last week, the State of California passed a new data privacy law called the California Consumer Privacy Act of 2018. Set to go in effect on January 1, 2020, it is being regarded as the strongest digital privacy policy in the United States. While it’s not as comprehensive as GDPR, there is opportunity for additional revisions to the law since it was passed by the legislature just in time to withdraw the proposed law from the November ballot. Had the initiative ended up on the ballot, any amendments to the existing text would be next to impossible. There will be much more discussion on this as the deadline gets closer. In the meantime, you can check to see if your organization is GDPR compliant by visiting www.trendmicro.com/gdpr.

Zero-Day Filters

There are 29 new zero-day filters covering eight vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website. You can also follow the Zero Day Initiative on Twitter @thezdi and on their blog.

ABB (4)

  • 32331: ZDI-CAN-6144: Zero Day Initiative Vulnerability (ABB Panel Builder 800)
  • 32332: ZDI-CAN-6143: Zero Day Initiative Vulnerability (ABB Panel Builder 800)
  • 32334: ZDI-CAN-6142: Zero Day Initiative Vulnerability (ABB Panel Builder 800)
  • 32336: ZDI-CAN-6136: Zero Day Initiative Vulnerability (ABB Panel Builder 800)

Advantech (3)

  • 32353: ZDI-CAN-6300: Zero Day Initiative Vulnerability (Advantech WebAccess Node)
  • 32354: ZDI-CAN-6301: Zero Day Initiative Vulnerability (Advantech WebAccess Node)
  • 32356: ZDI-CAN-6302: Zero Day Initiative Vulnerability (Advantech WebAccess Node)

Delta (1)

  • 32348: ZDI-CAN-6322: Zero Day Initiative Vulnerability (Delta Industrial Automation PMSoft)

Foxit (4)

  • 32343: ZDI-CAN-6332: Zero Day Initiative Vulnerability (Foxit Reader)
  • 32345: ZDI-CAN-6330: Zero Day Initiative Vulnerability (Foxit Reader)
  • 32346: ZDI-CAN-6329: Zero Day Initiative Vulnerability (Foxit Reader)
  • 32347: ZDI-CAN-6326: Zero Day Initiative Vulnerability (Foxit Reader)

LAquis SCADA (1)

  • 32351: ZDI-CAN-6319: Zero Day Initiative Vulnerability (LAquis SCADA)

Microsoft (2)

  • 32350: ZDI-CAN-6080: Zero Day Initiative Vulnerability (Microsoft Windows)
  • 32352: ZDI-CAN-6081: Zero Day Initiative Vulnerability (Microsoft Windows)

Quest (2)

  • 32342: ZDI-CAN-6075: Zero Day Initiative Vulnerability (Quest KACE Systems Management)
  • 32355: ZDI-CAN-6095: Zero Day Initiative Vulnerability (Quest KACE Systems Management)

WECON (12)

  • 32257: ZDI-CAN-5956: Zero Day Initiative Vulnerability (WECON LeviStudioU)
  • 32319: ZDI-CAN-5924: Zero Day Initiative Vulnerability (WECON LeviStudioU)
  • 32323: ZDI-CAN-5938: Zero Day Initiative Vulnerability (WECON LeviStudioU)
  • 32324: ZDI-CAN-5931: Zero Day Initiative Vulnerability (WECON LeviStudioU)
  • 32325: ZDI-CAN-5929,5930: Zero Day Initiative Vulnerability (WECON LeviStudioU)
  • 32326: ZDI-CAN-5928: Zero Day Initiative Vulnerability (WECON LeviStudioU)
  • 32328: ZDI-CAN-5925,5926: Zero Day Initiative Vulnerability (WECON LeviStudioU)
  • 32329: ZDI-CAN-5927: Zero Day Initiative Vulnerability (WECON LeviStudioU)
  • 32330: ZDI-CAN-6062: Zero Day Initiative Vulnerability (WECON LeviStudioU)
  • 32333: ZDI-CAN-6063,6065: Zero Day Initiative Vulnerability (WECON LeviStudioU)
  • 32335: ZDI-CAN-6064: Zero Day Initiative Vulnerability (WECON LeviStudioU)
  • 32339: ZDI-CAN-6067: Zero Day Initiative Vulnerability (WECON LeviStudioU)

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.

Read More HERE

0