Astaro Software Protects Networks From New Microsoft .jpg Vulnerability.BURLINGTON, Mass. -- Astaro Security Linux Stops .jpg Graphics Files That Can Take Control of PCs and Servers Astaro (www.astaro.com), announced that its popular Astaro Security Linux network security software protects against the recently discovered Microsoft .jpg vulnerability. This .jpg vulnerability potentially allows hackers to take control of target computers using .jpg graphics files. This is the first major vulnerability discovered involving graphics files of a type used on millions of web sites and exchanged between millions of users thanks to the common use of digital cameras. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. Microsoft, "A buffer overrun vulnerability exists in the processing of JPEG JPEG in full Joint Photographic Experts Group Standard computer file format for storing graphic images in a compressed form for general use. JPEG images are compressed using a mathematical algorithm. image formats that could allow remote code execution on an affected system...(A)n attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges." This "critical" vulnerability affects Microsoft Windows See Windows. (operating system) Microsoft Windows - Microsoft's proprietary window system and user interface software released in 1985 to run on top of MS-DOS. Widely criticised for being too slow (hence "Windoze", "Microsloth Windows") on the machines available then. (TM) operating systems Operating systems can be categorized by technology, ownership, licensing, working state, usage, and by many other characteristics. In practice, many of these groupings may overlap. , various versions of Microsoft Office products, including Exchange(R), PowerPoint(R) and FrontPage(R), development tools such as Microsoft Visio and Microsoft Visual Basic .NET ' Visual Basic .NET (VB.NET) is an object-oriented computer language that can be viewed as an evolution of Microsoft's Visual Basic (VB) implemented on the Microsoft .NET framework. , and a wide variety of software packages from other software companies. Microsoft recommends applying updates to all computers with affected software, but notes that these systems may still be vulnerable because of weaknesses in software applications from other vendors. Astaro Security Linux has been able to block affected .jpg files since September 18, only four days after the first Microsoft Security Bulletin detailing this threat. Astaro's software stops the affected .jpg files at an organization's Internet gateway, providing protection long before updates can be installed on all internal servers, desktop PCs, and laptops. Astaro Security Linux can detect and block viruses in both email messages (SMTP (Simple Mail Transfer Protocol) The standard e-mail protocol on the Internet and part of the TCP/IP protocol suite, as defined by IETF RFC 2821. SMTP defines the message format and the message transfer agent (MTA), which stores and forwards the mail. and POP3 traffic) and web pages and file downloads (HTTP HTTP in full HyperText Transfer Protocol Standard application-level protocol used for exchanging files on the World Wide Web. HTTP runs on top of the TCP/IP protocol. and FTP FTP in full file transfer protocol Internet protocol that allows a computer to send files to or receive files from another computer. Like many Internet resources, FTP works by means of a client-server architecture; the user runs client software to connect to traffic), unlike many anti-virus products on the market that scan email but not web traffic. Utilizing the global virus detection resources of Kaspersky Labs (www.kaspersky.com), Astaro's Virus Protection for Email and Virus Protection for Web subscription services update customer defenses within hours of the discovery of outbreaks of new viruses and worms. For More Information on This Vulnerability For more information on the Microsoft .jpg Vulnerability, see Microsoft Security Bulletin MS04-028: Buffer Overrun in JPEG Processing (GDI (Graphics Device Interface) The traditional programming interface (API) for output in Windows. When an application needs to display or print, it makes a call to a GDI function and sends it the parameters for the object that must be created. +) Could Allow Code Execution (833987) at http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx. About Astaro Astaro develops Astaro Security Linux, a gateway security product that provides six critical security applications - firewall, VPN (Virtual Private Network) A private network that is configured within a public network (a carrier's network or the Internet) in order to take advantage of the economies of scale and management facilities of large networks. gateway, anti-virus, intrusion protection, spam filtering and content filtering - fully integrated on a single management platform. The company was founded in January 2000 and today is co-headquartered in Burlington, Mass. and Karlsruhe, Germany. Astaro's software has won numerous industry awards, and is deployed on over 20,000 networks in 60 countries, including such companies as Blue Cross/Blue Shield, Los Alamos National Labs, Stanford University and Watsco, Inc. Astaro Security Linux is distributed by a worldwide network of 350 solutions partners who offer local support and services. http://www.astaro.com All trademarks are owned by their respective companies. |
|
||||||||||||
Printer friendly+'&author=&title=Astaro+Software+Protects+Networks+From+New+Microsoft+.jpg+Vulnerability&artId=122725487&pubDate=2004-09-29';)
Cite/link
Email
Feedback
Reader Opinion