BindView Continues to Detect and Eliminate Latest Security Vulnerabilities; Microsoft Acknowledges the BindView RAZOR Team's Ongoing Commitment to Responsible Reporting Practices.Business/Technology Editors HOUSTON--(BUSINESS WIRE)--Oct. 9, 2000 BindView Corporation (NASDAQ NASDAQ in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on : BVEW BVEW Binary View ), a leading provider of IT administration and security management solutions, today announced that it identified and Microsoft eliminated recent vulnerabilities in the Microsoft operating system operating system (OS) Software that controls the operation of a computer, directs the input and output of data, keeps track of files, and controls the processing of computer programs. . These latest vulnerabilities could allow a range of effects, including possible Denial of Service Attacks An assault on a network that floods it with so many additional requests that regular traffic is either slowed or completely interrupted. Unlike a virus or worm, which can cause severe damage to databases, a denial of service attack interrupts network service for some period. and privilege elevation. The two companies have created a well-defined process for efficiently working together to identify and close these type of vulnerabilities. "In line with our main objective of understanding software as intimately as possible, the BindView RAZOR Team was able to identify and quickly alert Microsoft to the security vulnerability, proving again that the RAZOR Team constantly ensures that the nation's most popular and important systems are as secure as possible," said Scott Blake, RAZOR team leader for BindView. "We will continue to maintain a very close working relationship with Microsoft to report what we find in a responsible manner, as well as to create an airtight fix that is available as quickly as possible." The vulnerabilities identified primarily affect the Windows NT (Windows New Technology) A 32-bit operating system from Microsoft for Intel x86 CPUs. NT is the core technology in Windows 2000 and Windows XP (see Windows). Available in separate client and server versions, it includes built-in networking and preemptive multitasking. 4.0 and Windows 2000 implementations of Local Procedure Call (LPC (language) LPC - A variant of C designed ca 1988 to program LP MUDs. ), the system for inter-processing communication for NT operating systems Operating systems can be categorized by technology, ownership, licensing, working state, usage, and by many other characteristics. In practice, many of these groupings may overlap. . Because LPC can only be used on the local machine, none of these vulnerabilities could be exploited remotely. Instead, a malicious user could only exploit them on machines that could be logged onto interactively. Typically, workstations and terminal servers would be chiefly at risk, because, if normal security practices have been followed, normal users will not be allowed to log onto critical servers interactively. This also means that, even in the worst case, the vulnerability would only confer additional local - not domain - privileges on the malicious user. BindView's RAZOR team of security experts was the first to report these latest vulnerabilities to Microsoft. The issues involved in these vulnerabilities required several months of detailed engineering and BindView worked closely with Microsoft throughout the process. RAZOR was formed in 1998 and can be credited with identifying more than 80 network security vulnerabilities. The team plays a key ongoing role in working with companies like Microsoft to issue patches to dangerous network threats that are identified. Microsoft has issued a Security Advisory that can be downloaded at http://www.microsoft.com/technet/security/bulletin/MS00-070.asp and includes a URL URL in full Uniform Resource Locator Address of a resource on the Internet. The resource can be any type of file stored on a server, such as a Web page, a text file, a graphics file, or an application program. to the hot fix. BindView customers can download BindView's anti-hacker product, HackerShield 2.0, from www.BindView.com and deploy its Rapid-Fire update feature to find out if the vulnerabilities exist on their networks. About BindView BindView is a leading provider of software solutions which enhance business performance by ensuring the integrity and reliability of the IT infrastructure. BindView's comprehensive software offerings secure and simplify the management and administration of network operating systems, directories, and related applications. By enabling corporate IT professionals to effectively leverage their existing technologies, BindView's award-winning products play a critical role in achieving business goals. More than 10 million licenses of BindView's solutions have been shipped worldwide to approximately 5,000 companies, including more than 75 of the Fortune 100 and 24 of the largest 26 U.S. banks. Contact BindView via e-mail at info@bindview.com or visit BindView's World Wide Web site at http//www.bindview.com. BindView can also be reached at (800) 749-8439 or at (713) 561-4000. Editors Note: The names of products of other companies mentioned in this document, if any, may be the registered or unregistered trademarks of the owners of the products. Statements in this news release not based on historical fact are "forward-looking" statements pursuant to the safe harbor Safe Harbor 1. A legal provision to reduce or eliminate liability as long as good faith is demonstrated. 2. A form of shark repellent implemented by a target company acquiring a business that is so poorly regulated that the target itself is less attractive. provisions of the Private Securities Litigation Reform Act The Private Securities Litigation Reform Act of 1995 (PSLRA) implemented several significant substantive changes affecting certain cases brought under the federal securities laws, including changes related to pleading, discovery, liability, class representation and awards fees and of 1995. Actual results could differ materially because of factors such as, for example, the risks associated with competition within the network management software industry, with rapid technological change, and with BindView's development of and the market's acceptance of new products. Other such factors include the risk factors and other matters described from time to time in BindView's Form 10-K Form 10-K A report required by the SEC from exchange-listed companies that provides for annual disclosure of certain financial information. Form 10-K See 10-K. filings, Form 10-Q Form 10-Q See 10-Q. filings, and other periodic filings with the Securities and Exchange Commission. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion