3Com's Zero Day Initiative Uncovers Two Microsoft Vulnerabilities; Provides Customers with Same-Day Protection; 3Com Also Protects Customers Against All Other Critical Microsoft Bulletins Disclosed Today.MALBOROUGH, Mass. -- 3Com and its TippingPoint division today announced that two critical new Microsoft vulnerabilities were discovered and disclosed through the Zero Day Initiative (ZDI ZDI Zero Day Initiative (3Com/Tippingpoint) ). Through ZDI, 3Com notified Microsoft of the vulnerabilities, who worked quickly to issue a corresponding patch today in this month's Microsoft bulletins, eliminating the threat of a zero day attack. Through the Digital Vaccine vaccine Preparation containing either killed or weakened live microorganisms or their toxins, introduced by mouth, by injection, or by nasal spray to stimulate production of antibodies against an infectious agent. (R) update service, TippingPoint(TM) Intrusion Prevention See IPS and IDS. Systems (IPS (1) (Inches Per Second) The measurement of the speed of tape passing by a read/write head or paper passing through a pen plotter. (2) (IPS) (Intrusion Prevention S ) provided protection for these vulnerabilities and all other critical bulletins announced by Microsoft today. The two critical vulnerabilities fixed were both in Microsoft's Internet Explorer Microsoft's Web browser, which comes with Windows starting with Windows 98. Commonly called "IE," versions for Mac and Unix are also available. Internet Explorer is the most widely used Web browser on the market. It has also been the browser engine in AOL's Internet access software. browser browser Software that allows a computer user to find and view information on the Internet. The first text-based browser for the World Wide Web became available in 1991; Web use expanded rapidly after the release in 1993 of a browser called Mosaic, which used (MS06-021: CVE-2006-2382 and CVE-2006-1303) and could have allowed an attacker to take complete control over a victim's computer if that user was logged in with administrative rights. Upon validating val·i·date tr.v. val·i·dat·ed, val·i·dat·ing, val·i·dates 1. To declare or make legally valid. 2. To mark with an indication of official sanction. 3. the vulnerabilities, 3Com reported the issues to Microsoft, which in turn applied the necessary resources to address the vulnerability and issued the patch today. 3Com customers using the TippingPoint IPS were preemptively protected against potential zero day attacks targeting the vulnerability. The Microsoft Word A full-featured word processing program for Windows and the Macintosh from Microsoft. Included in the Microsoft application suite, it is a sophisticated program with rudimentary desktop publishing capabilities that has become the most widely used word processing application on the market. vulnerability (MS06-027) also patched today, already had been exploited in the wild to install malicious Involving malice; characterized by wicked or mischievous motives or intentions. An act done maliciously is one that is wrongful and performed willfully or intentionally, and without legal justification. DESERTION, MALICIOUS. programs on users' systems. TippingPoint customers have been protected from exploitation of this vulnerability since May 23, 2006. The goal of the Zero Day Initiative is to enable the responsible disclosure of vulnerabilities in order to make technology more secure for users and businesses. A zero day vulnerability is one that is unknown or one that has been publicly disclosed without a corresponding patch. Through the program, 3Com rewards security researchers for responsibly informing 3Com of newly discovered zero day vulnerabilities. 3Com notifies the affected vendor so a patch can be developed, and the researcher agrees to keep the information confidential until the patch is issued so affected organizations are not at risk. In addition to protecting all users from zero day threats by ensuring information is kept confidential until a patch is issued, TippingPoint customers are protected against zero day attacks through security filters delivered through the Digital Vaccine service. In addition to protecting customers from the Internet Explorer vulnerabilities, TippingPoint Intrusion Prevention Systems were inoculated against issues in all of today's critical severity Microsoft bulletins through the Digital Vaccine service. Today marks the most vulnerabilities ever fixed at one time by Microsoft. The TippingPoint IPS provides protection for the following security bulletins announced by Microsoft today: (1) MS06-021 Cumulative Security Update for Internet Explorer (Rating: Critical) (2) MS06-022 Vulnerability in ART Image Rendering Could Allow Remote Code Execution (Rating: Critical) (3) MS06-023 Vulnerability in Microsoft JScript Could Allow Remote Code Execution (Rating: Critical) (4) MS06-024 Vulnerability in Windows Media Player Could Allow Remote Code Execution (Rating: Critical) (5) MS06-025 Vulnerability in Routing and Remote Access Could Allow Remote Code Execution (Rating: Critical) (6) MS06-026 Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (Rating: Critical) (7) MS06-027 Vulnerability in Microsoft Word Could Allow Remote Code Execution (Rating: Critical) (8) MS06-028 Vulnerability in Microsoft PowerPoint Could Allow Remote Code Execution (Rating: Critical) (9) MS06-029 Vulnerability in Microsoft Exchange Server Running Outlook Web Access Could Allow Script Injection (Rating: Important) (10) MS06-032 Vulnerability in TCP/IP Could Allow Remote Code Execution (Rating: Important) For more information on the Microsoft vulnerabilities, please visit: http://www.microsoft.com/technet/security/bulletin/ms06-jun.mspx. For a full list of ZDI advisories and specific information on the Microsoft vulnerabilities, please visit: http://www.zerodayinitiative.com/advisories.html. About TippingPoint, a division of 3Com TippingPoint, a division of 3Com, is the leading provider of network-based intrusion prevention systems. The TippingPoint IPS is the most decorated dec·o·rate tr.v. dec·o·rat·ed, dec·o·rat·ing, dec·o·rates 1. To furnish, provide, or adorn with something ornamental; embellish. 2. in its industry. For a full list of awards, visit http://www.tippingpoint.com/products_certifications.html. Our innovative approach offers customers unmatched network-based security with ultra-high performance, scalability and reliability. TippingPoint is based in Austin, Texas, and can be contacted through its Web site at www.tippingpoint.com or by telephone at 1-888-TRUE-IPS. About 3Com Corporation 3Com Corporation (NASDAQ NASDAQ in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on : COMS COMS 3Com Corporation (stock symbol) COMS Certified Orientation and Mobility Specialist COMS Continuous Opacity Monitoring Systems COMS City of Manchester Stadium (UK) ) is a leading provider of secure, converged voice and data networking solutions for enterprises of all sizes. 3Com offers a broad line of innovative products backed by world class sales, service and support, which excel at Verb 1. excel at - be good at; "She shines at math" shine at excel, surpass, stand out - distinguish oneself; "She excelled in math" delivering business value for its customers. Through its TippingPoint division, 3Com is the leading provider of network-based intrusion prevention systems that deliver in-depth application protection, infrastructure protection, and performance protection. 3Com also is the majority owner of Huawei-3Com Co., Ltd. (H-3C), a China-based joint venture formed by 3Com and Huawei in November 2003. H-3C brings innovative and cost-effective cost-effective, n the minimal expenditure of dollars, time, and other elements necessary to achieve the health care result deemed necessary and appropriate. product development and manufacturing and a strong footprint The amount of geographic space covered by an object. A computer footprint is the desk or floor surface it occupies. A satellite's footprint is the earth area covered by its downlink. See form factor. 1. in one of the world's most dynamic markets. For further information, please visit www.3com.com, or the press site www.3com.com/pressbox. Copyright (C) 2006 3Com Corporation. 3Com, the 3Com logo and Digital Vaccine are registered trademarks and TippingPoint is a trademark of 3Com Corporation or its subsidiaries. All other company and product names may be trademarks of their respective holders. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion