Advisory: Blue Coat Secures Against IE Redirection Threat and JS/Scob Trojan.Threat Exhibits Spyware Characteristics and Transmits Confidential Data from User Desktops Blue Coat(TM) Systems, Inc. , a leading provider of proxy appliances, today announced that its ProxySG(TM) and ProxyAV(TM) appliances safeguard organizations from threats exploiting the recently discovered HTTP HTTP in full HyperText Transfer Protocol Standard application-level protocol used for exchanging files on the World Wide Web. HTTP runs on top of the TCP/IP protocol. Redirect Vulnerability in Microsoft Internet Explorer See Internet Explorer. (IE), including the JS/Scob Trojan. This widespread vulnerability can allow hackers to take control of desktop computers and extract confidential information Noun 1. confidential information - an indication of potential opportunity; "he got a tip on the stock market"; "a good lead for a job" steer, tip, wind, hint, lead from corporate systems. Symptoms A vulnerability has been discovered in Microsoft's Internet Explorer Microsoft's Web browser, which comes with Windows starting with Windows 98. Commonly called "IE," versions for Mac and Unix are also available. Internet Explorer is the most widely used Web browser on the market. It has also been the browser engine in AOL's Internet access software. , which fails to assess the security attributes of a Web page being served by an infected Web server. This vulnerability allows an attacker to execute code within the "Local Machine Zone" security domain on desktop computers (a security setting treated with a high-level of trust because it assumes only content on the user's machine is being accessed). The vulnerability is currently being exploited by the JS/Scob Trojan, also known as Download.Ject, which communicates from infected desktop computers to a malicious Web server. It then downloads spyware that can transmit confidential information, such as financial data and passwords, to the malicious source outside the network. Future variants could download other types of malicious code. Solution Blue Coat proxy appliances are designed to provide a secure layer between users on the network and the Web. Using Blue Coat, organizations can safeguard against threats that exploit vulnerabilities in IE Web browsers. Blue Coat's solution is uniquely capable of mitigating this IE vulnerability, and preventing a Web server from loading malicious code on a desktop computer, because of its comprehensive visibility and control over the Web channel. Blue Coat provides protection on multiple layers: 1. Blue Coat's ProxySG appliances are capable of reviewing all incoming response headers for location requests, and blocking those that are invalid. 2. The ProxySG directs Web content susceptible to virus infection to the ProxyAV appliance, where the JS/Scob remote access Trojan can be detected and deleted. This provides a signature-based layer that complements the ProxySG's capabilities. 3. The ProxySG acts as a "middle-man" between users on the network and Internet to terminate any unauthorized attempted communication of confidential information. This further mitigates risks if the Trojan already exists on any desktop computers. 4. The ProxySG also supports blocking by "user-agent type" to restrict the use of browser versions that are subject to this vulnerability. 5. As an added measure, the ProxySG appliance enables administrators to explicitly block known Web sites or files that contain malicious code. Blue Coat recommends that customers reference the Technical Brief titled "Addressing IE Vulnerabilities" located at http://www.bluecoat blue·coat n. A person who wears a blue uniform, especially a police officer. blue  coat .com/resources/resourcedocs/techbriefs.html for more
instructions on configuring its ProxySG appliances to avert the threats
posed by IE vulnerabilities. Those interested in learning more about
the benefits of proxy appliances should also visit
http://www.bluecoat.com/ for information.
About Blue Coat Systems Blue Coat enables organizations to keep "good" employees from doing "bad" things on the Internet. Blue Coat wire-speed proxy appliances provide visibility and control of Web communications to address today's new business risks -- such as inappropriate Web surfing Refers to jumping from page to page on the Web. Just as in "TV channel surfing," where one clicks the remote to go from channel to channel, the hyperlink on Web pages makes it easy to jump from one page to another. , viruses brought in via back door channels such as instant messaging Exchanging text messages in real time between two or more people logged into a particular instant messaging (IM) service. Instant messaging is more interactive than e-mail because messages are sent immediately, whereas e-mail messages can be queued up in a mail server for seconds or and Web-based email, and network resource abuse due to peer-to-peer (P2P See peer-to-peer and point-to-point. ) file sharing Copying files from one computer to another. See peer-to-peer network, file sharing protocol and file and printer sharing. and video streaming. Trusted by many of the world's most influential organizations, Blue Coat has shipped more than 18,000 proxy appliances. Blue Coat is headquartered in Sunnyvale, California, and can be reached at 408-220-2200 or http://www.bluecoat.com/. FORWARD LOOKING STATEMENTS: The statements contained in this press release that are not purely historical are forward-looking statements, including statements regarding Blue Coat Systems' expectations, beliefs, intentions or strategies regarding the future, including the capabilities of the ProxySG and ProxyAV. All forward-looking statements included in this press release are based upon information available to Blue Coat Systems as of the date hereof, and Blue Coat Systems assumes no obligation to update any such forward-looking statements. Forward-looking statements involve risks and uncertainties, which could cause actual results to differ materially from those projected. These and other risks relating to Blue Coat Systems' business are set forth in Blue Coat Systems' most recently filed Form 10-Q for the quarter ended January 31, 2004, and other reports filed from time to time with the Securities and Exchange Commission. NOTE: All trademarks, trade names or service marks used or mentioned herein belong to their respective owners. CONTACT: Tony Thompson of Blue Coat Systems, Inc., +1-408-220-2305, or tony.thompson@bluecoat.com; or Kimberly Angell of Schwartz Communications +1-415-512-0770, or bluecoat@schwartz-pr.com, for Blue Coat Web site: http://www.bluecoat.com/ |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion