Printer Friendly
The Free Library
14,504,020 articles and books
Member login
User name  
Password 
 
Join us Forgot password?

IBM Internet Security Systems shields customers from critical Microsoft vulnerabilities.


IBM (International Business Machines Corporation, Armonk, NY, www.ibm.com) The world's largest computer company. IBM's product lines include the S/390 mainframes (zSeries), AS/400 midrange business systems (iSeries), RS/6000 workstations and servers (pSeries), Intel-based servers (xSeries)  recently announced its Internet Security ''This article or section is being rewritten at

Internet security is the process of protecting data and privacy of devices connected to internet from information robbery, hacking, malware infection and unwanted software.
 Systems division is keeping customers ahead of threats posed by the most recent Microsoft vulnerabilities. Earlier this month, IBM Internet Security Systems IBM Internet Security Systems is a security software provider which was founded in 1994 as Internet Security Systems, and is often known simply as ISS or ISSX (after its former NASDAQ ticker symbol). The company was acquired by IBM in 2006.  discovered active exploitation of a vulnerability in Microsoft's XML XML
 in full Extensible Markup Language.

Markup language developed to be a simplified and more structural version of SGML. It incorporates features of HTML (e.g., hypertext linking), but is designed to overcome some of HTML's limitations.
 HTTP HTTP
 in full HyperText Transfer Protocol

Standard application-level protocol used for exchanging files on the World Wide Web. HTTP runs on top of the TCP/IP protocol.
 request handling through Internet Explorer, which Microsoft provided a patch for today. The vulnerability makes it possible for attackers to remotely execute malicious code on a victim's machine, leading to compromise of corporate networks and confidential information.

At the time of discovery in early November, IBM products were already providing customers with preemptive pre·emp·tive or pre-emp·tive  
adj.
1. Of, relating to, or characteristic of preemption.

2. Having or granted by the right of preemption.

3.
a.
 protection for this threat through its Buffer Overflow Exploit Prevention (BOEP BOEP Bureau of Engraving and Printing ) solution and through its protocol analysis module (PAM), the core engine that powers IBM Internet Security Systems intrusion prevention and detection technologies. IBM also alerted Microsoft of its findings and provided customers with additional protection at that time. "This particular threat to Microsoft's XML HTTP request handling demonstrates the criticality of preemptive protection," said Lamar Bailey, Senior Operations Manager for the IBM X-Force research and development team. "Without proactive security technologies in place, organizations leave themselves dangerously open to attack by zero-day exploits such as the ones that targeted this vulnerability. By waiting for a signature to protect your network, you are dramatically increasing the attackers' opportunities to compromise your system."

IBM is also providing protection for the latest critical threat to Microsoft users, a remote code execution vulnerability announced in the Microsoft Workstation Service, which maintains client connections to Windows Networking services and runs by default on Microsoft Operating Systems The following is a list of Microsoft operating systems. For the codenames that Microsoft gave their operating systems, see Microsoft codenames. Before Windows
  • Xenix
  • MS-DOS
  • MSX-DOS
OS/2
  • MS OS/2 1.0
  • MS OS/2 1.1
  • MS OS/2 1.
. According to X-Force, this vulnerability is simple to exploit and successful compromise could leave the attacker in complete control of the targeted machine. While authentication is required to access this service remotely in Windows XP, it is not required in Windows 2000, making this vulnerability a serious risk to Windows 2000 networks. This vulnerability could also be exploited by worms or other malware.

X-Force also encourages organizations to apply the patches provided today by Microsoft for the Internet Explorer vulnerabilities addressed in bulletin MS06-067. Several of these vulnerabilities have been exploited in the wild since September. IBM customers have been protected from these vulnerabilities since then, but other companies are urged to apply appropriate patches.

www.iss.net
COPYRIGHT 2006 A.P. Publications Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2006, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

 Reader Opinion

Title:

Comment:



 

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Security News and Products
Publication:Database and Network Journal
Date:Dec 1, 2006
Words:371
Previous Article:Service providers hold key to blocking text message spam.(Security News and Products)
Next Article:Sophos protects Microsoft Windows Vista.(Security News and Products)
Topics:



Related Articles
Microsoft identfies critical security vulnerabilites.(Virus Notes)(Brief Article)
Internet Security Systems Protects Customers from Microsoft Flaws and Thwarts Phishing Attempts; ISS Virtual Patch(TM) Technology Protects Customers...
Internet Security Systems Warns Against Potential Microsoft Exchange Worm.(Company overview)
Internet Security Systems Shields Customers from Flaws in Internet Explorer and Windows Media Player; ISS Warns That Flaws Could Be Used to Launch...
Internet Security Systems Discovers and Protects Against Critical Flaws in Microsoft DNS Client; ISS Also Warns That Another Flaw Disclosed Today in...
IBM Internet Security Systems Discovers and Shields Customers from Veritas NetBackup Vulnerability.
IBM Internet Security Systems predicts security trends for 2007.(Security News and Products)
Security news and products; ISS discovers and protects in CA storage management product.(SOFTWARE WORLD DIGEST)
Security news and products; IBM internet security systems X-Force research team predicts security trends for 2007.(SOFTWARE WORLD DIGEST)
Security and products; ISS helps safeguard customers.(SOFTWARE WORLD DIGEST)

Terms of use | Copyright © 2009 Farlex, Inc. | Feedback | For webmasters | Submit articles