AppSense Discloses View on New Internet Explorer Vulnerability: Are Security Company Announcements Really Protecting Us? Proactive Prevention is the Only Effective Solution.FT. LAUDERDALE, Fla. -- Situation: A new and potentially damaging vulnerability has been exposed in Internet Explorer Microsoft's Web browser, which comes with Windows starting with Windows 98. Commonly called "IE," versions for Mac and Unix are also available. Internet Explorer is the most widely used Web browser on the market. It has also been the browser engine in AOL's Internet access software. . (See news article http://news.zdnet.com/2100-1009_11-6115966.html?tag=sas.email) AppSense's view: This Internet Explorer vulnerability was announced just following Microsoft patch Tuesday The day Microsoft releases new patches for Windows, which is the second Tuesday of the month. Also called "Black Tuesday." See patch. . This is becoming more and more of a habit these days. The patches come out and a new vulnerability is announced right afterward--a vulnerability that now has an entire month to be exploited and cause chaos before it can be fixed by Microsoft. This is beyond a coincidence. Also, the announcement was made by security company Xsec. This causes us to question the extent to which companies that publish vulnerabilities, such as these, are actually protecting customers and how much they are leaving them open to attack. As Martin Ingram Martin Ingram is the pseudonym of an ex-British Army soldier who served in the Intelligence Corp and Force Research Unit (FRU). He has made a number of allegations about the conduct of the British Army, its operations in Northern Ireland via the FRU, and against figures in the , VP Product Management, AppSense, says, "With friends like these people, you do not need enemies." Searching for vulnerabilities is equal measures The introduction to this article provides insufficient context for those unfamiliar with the subject matter. Please help [ improve the introduction] to meet Wikipedia's layout standards. You can discuss the issue on the talk page. of art, science and old-fashioned hard work. Techniques such as fuzzing See fuzz testing. , to automate To turn a set of manual steps into an operation that goes by itself. See automation. the search for vulnerabilities, have been in the news recently but in reality they automate only some of the process. This vulnerability release was, by all accounts, pre-meditated. Disclosures such as this one are becoming untenable, where the people that you expect to protect you are actually leaving you open to attack. In this new world where we do not have advance warning of the nature of an attack, our defenses must become proactive. Only solutions that do not require updates or patches to provide protection can defend us against the unknown. About AppSense: AppSense is the leading provider of application-level endpoint security solutions for the enterprise - proactively protecting desktops, laptops, servers, virtual systems and embedded Inserted into. See embedded system. devices against all forms of malicious software and preserving endpoint environments in their optimal state to ensure system integrity. AppSense software secures thousands of organizations and is installed on hundreds of thousands of desktops and servers across the world in mid-to-large organizations and across many industries such as Public Sector, Finance, Pharmaceutical and Healthcare. AppSense solutions automatically and proactively block all unknown or untrusted applications from running on an endpoint without ever having to know the source or nature of the application (i.e., whether it is an unauthorized software or malicious software) or if malicious, what its signature file looks like or how it behaves. It controls when/where approved applications can execute, what functions within those applications users can access, and can even control access to endpoint devices, like USB memory See USB drive. sticks, which can be used to compromise an enterprise's critical data. AppSense operates through a world-wide channel of certified See certification. partners with offices in the US, UK, Germany, The Netherlands and Australia. For more information visit: www.appsense.com |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion