3Com's Zero Day Initiative Issues Advisory for Macromedia Vulnerability Discovered Through Program.MALBOROUGH, Mass. -- Zero Day Initiative Leads to Discovery and Patch of Vulnerability through Collaboration Working together on a project. See collaborative software. with Vendor; 3Com Protects Customers Before Flaw Disclosed Publicly 3Com and its TippingPoint division, today announced a new vulnerability in Adobe adobe (ədō`bē): see rammed earth. adobe Handmade sun-dried bricks formed from a mixture of heavy clay and straw found in arid regions. Macromedia Shockwave discovered and disclosed through the Zero Day Initiative (ZDI ZDI Zero Day Initiative (3Com/Tippingpoint) ). Through ZDI, 3Com notified Macromedia, recently acquired by Adobe, of the vulnerability. The company worked quickly to issue a corresponding software update, eliminating the threat of a zero day attack. The vulnerability was discovered in the Macromedia Shockwave installer, and could allow an attacker to compromise a vulnerable host. Upon validating val·i·date tr.v. val·i·dat·ed, val·i·dat·ing, val·i·dates 1. To declare or make legally valid. 2. To mark with an indication of official sanction. 3. the vulnerability information, 3Com reported the threat to Macromedia on November 22, 2005, who in turn applied the necessary resources to address the vulnerability, disclosed today with a software update. 3Com customers using the TippingPoint(TM) Intrusion Prevention See IPS and IDS. System (IPS (1) (Inches Per Second) The measurement of the speed of tape passing by a read/write head or paper passing through a pen plotter. (2) (IPS) (Intrusion Prevention S ) have been preemptively protected against potential zero day attacks targeting the vulnerability since November 22, 2005. The Zero Day Initiative was launched by 3Com in July 2005 to enable the responsible disclosure of vulnerabilities in order to make technology more secure for users and businesses. A zero day vulnerability is one that is unknown or one that has been publicly disclosed without a corresponding patch or solution. Since the launch, over 250 researchers have registered for the program. Through the program, 3Com rewards security researchers for responsibly informing 3Com of newly discovered zero day vulnerabilities. 3Com notifies the affected vendor so a patch can be developed and the researcher agrees to keep the information confidential until the patch is issued so affected organizations are not at risk of attack. In addition to protecting all users from zero day threats by ensuring potentially harmful information is kept confidential until a solution is available, TippingPoint customers are protected against exploits of zero day vulnerabilities through security filters delivered through the Digital Vaccine vaccine Preparation containing either killed or weakened live microorganisms or their toxins, introduced by mouth, by injection, or by nasal spray to stimulate production of antibodies against an infectious agent. (R) service. "The Macromedia vulnerability is the fifth vendor vulnerability disclosed through ZDI with a corresponding fix," said David Endler, director of security research for 3Com's TippingPoint division. "By ensuring threat information remains confidential until a solution is available, we are helping strengthen security for all technology users and reducing the risk of zero day attacks." Discovered by an independent researcher, the vulnerability allows an unauthenticated attacker to compromise a user's machine remotely. For a full list of ZDI advisories and specific information on the Macromedia vulnerability, please visit: http://www.zerodayinitiative.com/advisories.html. About TippingPoint, a division of 3Com TippingPoint, a division of 3Com, is the leading provider of network-based intrusion prevention systems. The TippingPoint IPS is the most decorated dec·o·rate tr.v. dec·o·rat·ed, dec·o·rat·ing, dec·o·rates 1. To furnish, provide, or adorn with something ornamental; embellish. 2. in its industry. For a full list of awards, visit http://www.tippingpoint.com/products_certifications.html. Our innovative approach offers customers unmatched network-based security with unrivaled economics, ultra-high performance, scalability and reliability. TippingPoint is based in Austin, Texas, and can be contacted through its Web site at www.tippingpoint.com or by telephone at 1-888-TRUE-IPS. About 3Com Corporation 3Com Corporation (NASDAQ NASDAQ in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on : COMS COMS 3Com Corporation (stock symbol) COMS Certified Orientation and Mobility Specialist COMS Continuous Opacity Monitoring Systems COMS City of Manchester Stadium (UK) ) is a leading provider of secure, converged voice and data networking solutions for enterprises of all sizes. 3Com offers a broad line of innovative products backed by world class sales, service and support, which excel at Verb 1. excel at - be good at; "She shines at math" shine at excel, surpass, stand out - distinguish oneself; "She excelled in math" delivering business value for its customers. Through its TippingPoint division, 3Com is the leading provider of network-based intrusion prevention systems that deliver in-depth application protection, infrastructure protection, and performance protection for corporate enterprises, government agencies, service providers and academic institutions. For further information, please visit www.3com.com, or the press site www.3com.com/pressbox. Copyright (C) 2006 3Com Corporation. 3Com, the 3Com logo and Digital Vaccine are registered trademarks and TippingPoint is a trademark of 3Com Corporation or its subsidiaries. All other company and product names may be trademarks of their respective holders. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion