Palo Alto Networks Unit 42 Vulnerability Research December 2016 Disclosures


Palo-Alto-Networks-Logo

As part of Unit 42’s ongoing threat research, we can now disclose that Palo Alto Networks Unit 42 researchers have reported six vulnerabilities that have been fixed by Apple, Adobe and Microsoft.

This includes two vulnerabilities in Apple WebKit and impacts iCloud for Windows, Safari, iTunes for Windows, tvOS and iOS.

  1. CVE-2016-7639: Tongbo Luo
  2. CVE-2016-7642: Tongbo Luo

This includes three code execution vulnerabilities affecting Adobe Flash (APSB16-39).

  1. CVE-2016-7873: Tao Yan
  2. CVE-2016-7874: Tao Yan
  3. CVE-2016-7871: Tao Yan

And this includes one memory corruption vulnerability affecting Microsoft Office for the Mac (MS16-148):

  1. CVE-2016-7263: Jin Chen

For current customers with a Threat Prevention subscription, Palo Alto Networks has also released IPS signatures providing proactive protection from these vulnerabilities.

Palo Alto Networks is a regular contributor to vulnerability research in Microsoft, Adobe, Apple, Google Android and other ecosystems. By proactively identifying these vulnerabilities, developing protections for our customers, and sharing the information with the security community, we are removing weapons used by attackers to threaten users, and compromise enterprise, government, and service provider networks.

[Palo Alto Networks Research Center]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.