Sourcefire(R) Delivers Protection 2 Years in Advance of Latest Microsoft Animated Cursor Vulnerability.Sourcefire Vulnerability Research Team Continues to Deliver Coverage Ahead of Threats COLUMBIA, Md. -- Open source innovator and Snort An open source network intrusion detection system (NIDS) that is noted for its effectiveness. Developed by Martin Roesch, Snort can also be used just as a packet logger or packet sniffer. For more information, visit www.snort.org. See IDS. ([R])creator, Sourcefire, Inc. (Nasdaq:FIRE), a leader in network intrusion prevention See IPS and IDS. , today announced that the Sourcefire([R]) Vulnerability Research Team (VRT VRT Vita Radio Transport (communications standard / protocol) VRT Virus Removal Tools VRT Vehicle Registration Tax VRT Vehicle Reg Tax VRT Voltage Reduction Technology (Intel Corp) ) delivered protection more than two years ahead of Microsoft's completed investigation of the Windows Animated Cursor A screen pointer that makes a small amount of movement. In Windows, animated cursors have an .ANI extension. Remote Code Execution Vulnerability (MS07-017, CVE-2007-0038), which was announced via Microsoft Security Advisory 935423 on March 29, 2007. This vulnerability, affecting Microsoft Windows See Windows. (operating system) Microsoft Windows - Microsoft's proprietary window system and user interface software released in 1985 to run on top of MS-DOS. Widely criticised for being too slow (hence "Windoze", "Microsloth Windows") on the machines available then. XP, 2000, 2003 and Vista operating systems Operating systems can be categorized by technology, ownership, licensing, working state, usage, and by many other characteristics. In practice, many of these groupings may overlap. , allows remote attackers to execute arbitrary code or cause a denial of service A condition in which a system can no longer respond to normal requests. See denial of service attack. (persistent reboot To reload the operating system, which restarts the computer. See boot. (operating system) reboot - (From boot) A boot with the implication that the computer has not been down for long, or that the boot is a bounce intended to clear some state of wedgitude. See warm boot. ) via a malformed malĀ·formed adj. Abnormally or faultily formed. ANI file, which results in memory corruption when processing cursors, animated cursors, and icons. The Sourcefire VRT was aware of this vulnerability more than two years ago and created a rule that was added to the VRT Certified Ruleset on January 17, 2005. Sourcefire VRT Certified Ruleset users have been protected against exploits targeting this vulnerability for more than 700 days. The Sourcefire VRT is a leading vulnerability research group chartered with researching new vulnerabilities and creating methods for detecting and preventing attempts to exploit them. The team utilizes advanced protocol modeling to write rules that detect potential attacks against the underlying vulnerabilities used by exploits as their attack vectors. "As zero day attacks become more prevalent, businesses are requiring proactive security solutions from vendors that deliver protection ahead of exploits, and that is exactly what the Sourcefire VRT was founded to deliver," said Matt Watchinksi, Director of the Sourcefire Vulnerability Research Team. "By providing Sourcefire VRT customers with zero day protection for the Windows Animated Cursor Remote Code Execution Vulnerability, we ensured that businesses are unaffected by related exploits for the last two years." About Sourcefire Sourcefire, Inc. (Nasdaq:FIRE), a leading provider of intelligence driven, open source network security solutions, is transforming the way organizations manage and minimize network security risks with its 3D Approach - Discover, Determine, Defend - to securing real networks in real-time. The company's network defense system unifies intrusion and vulnerability management technologies to provide customers with superior network security. Founded in 2001 by the creator of SNORT[R], Sourcefire is headquartered in Columbia, Maryland and has been consistently recognized for its innovation and industry leadership by customers, media, and industry analysts alike - with more than 18 awards and accolades since January 2005 alone. Recently, Sourcefire was positioned in the Leaders Quadrant of Gartner's "Magic Quadrant for Network Intrusion Prevention System Appliances 2H06" report and the Sourcefire 3D System was named "Best Security Solution" at the 2006 SC Magazine Awards. At work in leading Fortune 1000 companies and government agencies, the names Sourcefire and founder Martin Roesch have grown synonymous with innovation and intelligence in network security. For more information about Sourcefire, please visit http://www.sourcefire.com SOURCEFIRE[R], SNORT[R], the Sourcefire logo, the Snort and Pig logo, SECURITY FOR THE REAL WORLD[TM], SOURCEFIRE DEFENSE CENTER[TM], SOURCEFIRE 3D[TM], RNA RNA: see nucleic acid. RNA in full ribonucleic acid One of the two main types of nucleic acid (the other being DNA), which functions in cellular protein synthesis in all living cells and replaces DNA as the carrier of genetic [TM] and certain other trademarks and logos are trademarks or registered trademarks of Sourcefire, Inc. in the United States and other countries. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion