[ news_security_news ]
TippingPoint Takes On Latest Microsoft Vulnerabilities
SecurityProNews
Staff Writer
2004-12-28
 Insider Reports RSS Feed
TippingPoint's UnityOne Intrusion Prevention Systems offer preemptive, vulnerability- based protection against critical new vulnerabilities and exploits in Microsoft Windows announced late last week.
"Trojan.Phel.A" was also discovered yesterday, and is already exploiting a vulnerability for which a patch has not yet been issued, making TippingPoint's UnityOne the only solution for network protection.
The most severe of the new Windows vulnerabilities includes an overflow in the Windows Load Image API, which can be exploited simply by viewing a specially crafted icon, cursor, or bitmap file in a Web page or e-mail. Also last week, a fully-functional remote code execution exploit was released for Internet Explorer, which bypasses the "Local Computer" zone security restrictions in Windows XP service pack 2 through the HTML Help ActiveX control. A variant of this code, Trojan.Phel.A, is malicious code distributed as an HTML file that emerged yesterday, only four days after the original exploit was made public. Exploitation of either issue could allow an attacker to run any program on the victim's computer with the victim's user privileges.
TippingPoint delivered vulnerability filters known as Virtual Software Patches through its automated Digital Vaccine Service to UnityOne users within 12 hours of the new Windows vulnerabilities being made public last Thursday, and prior to the discovery of Trojan.Phel.A. UnityOne systems are updated with the Digital Vaccine service on a continuous basis so customers have zero-day protection in advance of a worm or automated exploit.
"While many of our customers were on vacation and away from the office, their UnityOne systems were automatically updated with the latest protection against these new Windows vulnerabilities," said TippingPoint's Chief Technology and Strategy Officer Marc Willebeek-LeMair. "In addition to the inconvenient timing of the holidays, this round of vulnerability announcements was further exacerbated by the fact that there simply are no patches available yet. Intrusion prevention is the only network-based method of protection for these types of emerging zero-day threats."
TippingPoint's UnityOne Intrusion Prevention System provides Application Protection, Performance Protection and Infrastructure Protection at gigabit speeds through total packet inspection. Application Protection capabilities provide fast, accurate, reliable protection from internal and external cyber attacks. Through its Infrastructure Protection capabilities, UnityOne protects VoIP infrastructure, routers, switches, DNS and other critical infrastructure from targeted attacks and traffic anomalies. UnityOne Performance Protection capabilities enable customers to throttle non-mission critical applications that hijack valuable bandwidth and IT resources, thereby aligning network resources and business-critical application performance.
About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
