BindView RAZOR Team Issues RapidFire Update for New Microsoft IIS Vulnerability.HOUSTON -- What
BindView Corp. (Nasdaq:BVEW BVEW Binary View ) announced today that its RAZOR Rapid Response Team has created security checks for a newly identified critical vulnerability. The new vulnerability compromises Microsoft Internet Information Servers See IIS.
Microsoft Internet Information Server - Internet Information Server (IIS (Internet Information Services) Microsoft's Web server. IIS runs under the server versions of Windows, adding HTTP server capability to the Windows operating system. ) and all systems using Internet Explorer Microsoft's Web browser, which comes with Windows starting with Windows 98. Commonly called "IE," versions for Mac and Unix are also available. Internet Explorer is the most widely used Web browser on the market. It has also been the browser engine in AOL's Internet access software. (IE) to browse the web. The attacks corrupt IIS servers in a manner that does not interfere with their operation, instead causing IE clients that browse the web server's content to become infected themselves. The newly discovered vulnerability appears to have exceedingly destructive capabilities, and rapid exploitation is expected.
BindView customers on current maintenance contracts running Vulnerability Management solutions that include bv-Control for Windows can take immediate protective action. BindView's RapidFire Update Service provides customers with immediate access to the update via automatic distribution, or customers can download the new updates online at http://www.bindview.com/Advisories/ADV_MSFT MSFT Microsoft (stock symbol)
MSFT Movimento Sociale Fiamma Tricolore (Italy)
MSFT Multi-Stage Fitness Test
MSFT Master of Science in Family Therapy
MSFT Macalester Students for Fair Trade 04-062504.cfm
Who is at Risk
Nearly every organization using IIS or IE is at risk. Microsoft has reported that the MS04-011 patch alert prevents the compromise of Windows 2000 servers running IIS. Other reports contradict Microsoft, and BindView cannot at this time confirm either.
BindView has created vulnerability checks for bv-Control for Windows to assist customers in locating compromised systems. Once these systems are identified, customers should proceed with the outlined precautionary pre·cau·tion·ar·y also pre·cau·tion·al
Of, relating to, or constituting a precaution: taking precautionary measures; gave precautionary advice.
Adj. 1. measures as quickly as possible.
Commentary on the IIS Vulnerability
BindView RAZOR Team experts are available to discuss these new vulnerabilities and share further insight into organizations most at risk, potential outcomes of an attack, as well as additional ways to secure enterprise IT infrastructures. Experts can also discuss the growing number of system vulnerabilities that have been identified in the past few months.
BindView Corporation is a leading provider of proactive business policy, IT security and directory management software worldwide. BindView solutions and services enable customers to centralize cen·tral·ize
v. cen·tral·ized, cen·tral·iz·ing, cen·tral·iz·es
1. To draw into or toward a center; consolidate.
2. and automate policy compliance, vulnerability assessment A Department of Defense, command, or unit-level evaluation (assessment) to determine the vulnerability of a terrorist attack against an installation, unit, exercise, port, ship, residence, facility, or other site. , directory administration across the entire organization. With BindView insight at work(TM), customers benefit from reduced risk and improved operational efficiencies with a verifiable return on investment. More than 20 million licenses have shipped to 5,000 companies worldwide, spanning all major business segments and the public sector. Contact BindView via e-mail at firstname.lastname@example.org or visit BindView's website at http://www.bindview.com. BindView can also be reached at 800-749-8439 or at 713-561-4000.