Determina Announces Immediate Availability of Protection from Critical Microsoft Zero-Day Vulnerability.Free VPS (1) (Vectors Per Second) The measurement of the speed of a vector or array processor. See vector, vector processor and array processor. (2) (Virtual Private Server) See OS virtualization. Shield to Provide Protection from All Exploits against Vulnerability without Changing System Files, Configuration, or Functionality REDWOOD CITY Redwood City, city (1990 pop. 66,072), seat of San Mateo co., W Calif., on San Francisco Bay; inc. 1868. Manufactures include commmunications, electrical, electronic, and medical equipment. , Calif. -- Determina[R] Inc. today announced that it is making a free VPS Shield available for the latest Microsoft zero-day vulnerability announced on September 28, 2006. This vulnerability does not have a vendor patch available, potentially exposing customers to attacks that exploit this zero-day vulnerability. The previous VPS Shield that Determina produced for the WMF (filename extension) wmf - The filename extension for a Windows Metafile. vulnerability was a huge success. Thousands of individuals and enterprises downloaded and deployed the Shield, which can be installed directly onto an affected system without any modifications to critical Windows files, configuration, or functionality. Once the patch is available and the user deploys it on their system, Determina VPS automatically detects the patch and no longer applies the Shield. Determina intends to continue to deliver free shields when there are critical zero-day outbreaks for which there are no patches available. Determina customers who have the Vulnerability Protection Suite (VPS) are not threatened by these vulnerabilities and have true "zero-day" threat protection from any attacks. Third-party patches - yes, there is a difference Unlike other so called "third-party patches" available from other vendors and researchers, Determina's Shields do not modify any system files or configuration of a system, and do not disable To turn off; deactivate. See disabled. any critical system functionality on the affected system. In some cases, "patches" from other vendors can result in permanent modification to the system, making it hard or impossible to revert back to the original system configuration when the "patch" is removed. Determina's Shields are also based on the vulnerability itself, and not on any specific attack vector The approach used to assault a computer system or network. A fancy way of saying "method or type of attack," the term may refer to a variety of vulnerabilities. For example, an operating system or Web browser may have a flaw that is exploited by a Web site. . Therefore, any malware (MALicious softWARE) Software designed to destroy, aggravate and otherwise make life unhappy. See crimeware, virus, worm, logic bomb, macro virus and Trojan. that utilizes these vulnerabilities to infect infect /in·fect/ (in-fekt´) 1. to invade and produce infection in. 2. to transmit a pathogen or disease to. in·fect v. 1. a system will be stopped, even if the attacker changes the attack. Unlike other attack-oriented security products from other vendors, Determina VPS is the only system that provides customers with true "vulnerability protection" that directly fixes the vulnerability in the code itself. "Users remain vulnerable to these zero-day vulnerabilities until Microsoft releases a patch. Today's anti-virus and anti-spyware products are already known to be ineffective in preventing attackers from compromising systems using "drive-by" and other techniques - the signatures simply cannot keep up with the large number of malware variants," said Sandy Wilbourn, VP of Engineering and Customer Support, Determina. Free downloadable fix available As reported in a Sept. 28, 2006 Determina Security Advisory, a remote code execution vulnerability exists in the Internet Explorer Microsoft's Web browser, which comes with Windows starting with Windows 98. Commonly called "IE," versions for Mac and Unix are also available. Internet Explorer is the most widely used Web browser on the market. It has also been the browser engine in AOL's Internet access software. WebViewFolderIcon ActiveX control A software module based on Microsoft's Component Object Model (COM) architecture. It enables a program to add functionality by calling ready-made components that blend in and appear as normal parts of the program. that could allow remote attackers to hijack an affected system to execute malicious code or install spyware. Determina's VPS Memory Firewall, by default, protects users against code execution that may result from exploitation of the memory corruption Memory corruption happens when content of a memory location are unintentionally modified due to programming errors. When the corrupted memory contents are used later in the computer program, it leads either to program crash or to strange and bizarre program behavior. based vulnerabilities reported in this advisory. The full advisory is available at http://www.determina.com/security_center/security_advisories/ securityadvisory_0day_09282.asp. (Due to its length, this URL URL in full Uniform Resource Locator Address of a resource on the Internet. The resource can be any type of file stored on a server, such as a Web page, a text file, a graphics file, or an application program. may need to be copied/pasted into your Internet browser's address field. Remove the extra space if one exists.) Determina has also released a free, downloadable Shield to the general public. This standalone stand·a·lone adj. Self-contained and usually independently operating: a standalone computer terminal. Shield for Internet Explorer will prevent this critical vulnerability from being exploited until Microsoft is able to issue a patch. Desktop users without proactive protection against vulnerability exploits may consider installing this Shield if they believe they might have exposure to web-based attacks. The Shield can be downloaded from Determina's Security Research website at http://www.determina.com/security.research/. The Shield applies to all currently known affected versions of Windows. The Shield fixes the flawed code in memory when a vulnerable version of the ActiveX control in Internet Explorer is running, without affecting the installation of the web browser The program that serves as your front end to the Web on the Internet. In order to view a site, you type its address (URL) into the browser's Location field; for example, www.computerlanguage.com, and the home page of that site is downloaded to you. on disk or disabling dis·a·ble tr.v. dis·a·bled, dis·a·bling, dis·a·bles 1. To deprive of capability or effectiveness, especially to impair the physical abilities of. 2. Law To render legally disqualified. any browser functionality. It should also not interfere with the installation of a Microsoft patch when one becomes available. Determina Vulnerability Protection Suite (VPS): Real-Time Vulnerability Protection Determina VPS' unique ability to protect against 100 percent of critical Windows vulnerabilities has earned positive reviews in leading publications, including InfoWorld, PC Magazine, and Secure Enterprise. The company also received the InfoWorld 2005 Innovators Award for its pioneer work in mitigating critical Windows vulnerabilities. Unlike attack-oriented security technologies, vulnerability protection offers customers the ability to comprehensively address the security and operational issues around security and patching. The Determina VPS suite offers comprehensive vulnerability protection though its two products: Memory Firewall[TM], which provides proactive, zero-day protection for the most dangerous class of vulnerabilities, and LiveShield[TM], which provides precise vulnerability protection in real-time. Further product information is available at www.determina.com, and requests for evaluation of Determina VPS may be made at www.determina.com/sales/request_info.html. About Determina Determina[R] is a leading provider of proactive host intrusion prevention See IPS and IDS. solutions (HIPS) for servers and desktops based on breakthrough technology developed at M.I.T. Determina Vulnerability Protection Suite[TM] (VPS[TM]) is the only solution to address the root cause of attacks - the software vulnerabilities themselves. Through this unique approach, it is the only solution for continuous protection from the latest worms, malicious code, and directed attacks, eliminating the need for reactive security patching A fix to a program that eliminates a vulnerability exploited by malicious hackers. See vulnerability and patch. . VPS consists of two products providing complimentary vulnerability coverage: Memory Firewall[R], which provides proactive, zero-day protection for the most dangerous class of vulnerabilities without the need for updates, and LiveShield[R], which provides precise vulnerability protection in real-time. Determina is headquartered in Redwood City, CA with development offices in Cambridge, MA. Determina VPS has been rapidly and broadly deployed by enterprise customers in industries demanding the highest level of security and availability. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion