Printer Friendly

Internet Security Systems Protects Customers Against Critical Flaw in Microsoft Windows Operating System; Flaw Allows Unauthenticated Remote Attackers to Fully Compromise Windows 2000 Machines.

ATLANTA -- Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) today announced that the company is providing customers of its Proventia(R) products and Managed Security Services with preemptive protection for multiple security vulnerabilities announced in the October Microsoft security bulletin.

Most importantly, the company is protecting against a remote compromise issue in the Microsoft Distributed Transaction Coordinator (MSDTC), which is used by the Microsoft Windows operating system to coordinate transactions such as databases, message queues and file systems across distributed machines. MSDTC is configured to run by default on Windows 2000. Unprotected systems running Windows 2000 can therefore be compromised without any user interaction.

"Based on the profit-driven nature of today's hacker community, ISS fully expects to see rapid and widespread development of exploit code for this vulnerability in a matter of days," said Chris Rouland, chief technology officer at Internet Security Systems.

ISS is also warning customers about an additional vulnerability announced by Microsoft today in Windows Audio Video Interleave (AVI) file parsing. AVI is a common format for audio/video data found on personal computers. This vulnerability affects all recent versions of the Windows operating system and can lead to remote compromise if a victim is convinced to view a maliciously crafted video file.

Compromise of networks and machines running Microsoft Windows can lead to loss of productivity, financial setbacks and exposure of confidential information. ISS customers are therefore advised to apply product updates from ISS for these and other Microsoft vulnerabilities announced today. Other companies are advised to view today's Microsoft security bulletin for suggested methods of mitigating exposure at:

For more information on Internet Security Systems(TM) preemptive protection offerings, please visit:

The full ISS X-Force alert on today's Microsoft updates can be found at:

About Internet Security Systems, Inc.

Internet Security Systems, Inc. (ISS) is the trusted expert to global enterprises and world governments, providing products and services that protect against Internet threats. An established world leader in security since 1994, ISS delivers proven cost efficiencies and reduces regulatory and business risk across the enterprise. ISS products and services are based on the proactive security intelligence conducted by ISS' X-Force(R) research and development team - the unequivocal world authority in vulnerability and threat research. Headquartered in Atlanta, Internet Security Systems has additional operations throughout the Americas, Asia, Australia, Europe and the Middle East. For more information, visit the Internet Security Systems Web site at or call 800-776-2362.

Internet Security Systems is a trademark and X-Force and Proventia are registered trademarks of Internet Security Systems, Inc. All other companies and products mentioned are trademarks and property of their respective owners.
COPYRIGHT 2005 Business Wire
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2005, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Comment:Internet Security Systems Protects Customers Against Critical Flaw in Microsoft Windows Operating System; Flaw Allows Unauthenticated Remote Attackers to Fully Compromise Windows 2000 Machines.
Publication:Business Wire
Geographic Code:1USA
Date:Oct 11, 2005
Previous Article:Fitch Upgrades Interpool to 'BB'; Outlook Positive.
Next Article:Seniors 2005 Feature Releases.

Related Articles
Microsoft looks into loopholes. (Up front: news, trends & analysis).
Microsoft critical flaw.
Microsoft releases 10 security updates.
Hackers target Microsoft's JPEG flaw.
Cisco, Microsoft join forces to stop viruses.
Third busy patch month for Microsoft.
IBM Internet Security Systems shields customers from critical Microsoft vulnerabilities.
Security and products; ISS helps safeguard customers.
What e-mail hackers know that you don't.

Terms of use | Copyright © 2017 Farlex, Inc. | Feedback | For webmasters