Printer Friendly

TippingPoint Responsible for Discovery of Two Microsoft Vulnerabilities, and Offers Protection for Microsoft Bulletins Released Today.

TippingPoint's Zero Day Initiative Leads to Discovery and Patch of Vulnerabilities through Collaboration with Vendor; 3Com Protects Customers Before Flaws Disclosed Publicly

AUSTIN, Texas -- TippingPoint, a division of 3Com and the leader in intrusion prevention, today announced the discovery and patch of two new vulnerabilities in Microsoft Internet Explorer disclosed through TippingPoint's Zero Day Initiative (ZDI). Patches for the security flaws were released in today's Microsoft Bulletin. TippingPoint reported the issues to Microsoft on June 15 and August 31 after validating the vulnerabilities. TippingPoint(TM) Intrusion Prevention System customers have been preemptively protected against potential zero day attacks targeting these vulnerabilities.

The first vulnerability involves a flaw in how Internet Explorer handles malicious JavaScript (CVE-2006-5581), and the second vulnerability relates to an ActiveX control (CVE-2006-4704). Both vulnerabilities could allow an attacker to take control over a victim's computer if the targeted user viewed a malicious Web page. TippingPoint also provided protection for all critical Microsoft Bulletins released today.

"More zero day exploits targeting Microsoft products have been emerging in the last few months," said David Endler, director of security research for TippingPoint. "Through the Zero Day Initiative, we're unearthing these issues ahead of time and working responsibly with Microsoft and other affected vendors to protect our mutual customers."

The goal of the Zero Day Initiative is to enable the responsible disclosure of vulnerabilities in order to make technology more secure for users and businesses. A zero day vulnerability is one that is unknown or one that has been publicly disclosed without a corresponding patch. Through the program, 3Com rewards security researchers for responsibly informing 3Com of newly discovered zero day vulnerabilities.

In addition to protecting customers from the Internet Explorer vulnerabilities, TippingPoint Intrusion Prevention Systems were inoculated against all remotely exploitable issues in today's Microsoft bulletins through the Digital Vaccine[R] service. The TippingPoint IPS provides protection for the following security bulletins announced by Microsoft today:

(1) MS06-072

Cumulative Security Update for Internet Explorer

(Rating: Critical)

(2) MS06-073

Vulnerability in Visual Studio Could Allow Remote Code Execution

(Rating: Critical)

(3) MS06-074

Vulnerability in SNMP Could Allow Remote Code Execution

(Rating: Important)

(4) MS06-076

Cumulative Security Update for Outlook Express

(Rating: Important)

(5) MS06-077

Vulnerability in Remote Installation Service Could Allow Remote Code Execution

(Rating: Important)

(6) MS06-078

Vulnerability in Windows Media Player Could Allow Remote Code Execution

(Rating: Critical)

For more information on the Microsoft vulnerabilities, please visit: For a full list of ZDI advisories, please visit:

About TippingPoint, a division of 3Com

TippingPoint, a division of 3Com, is the leading provider of network-based intrusion prevention systems. The TippingPoint IPS is the most decorated in its industry. For a full list of awards, visit Our innovative approach offers customers unmatched network-based security with ultra-high performance, scalability and reliability. TippingPoint is based in Austin, Texas, and can be contacted through its Web site at or by telephone at 1-888-TRUE-IPS.

About 3Com Corporation

3Com Corporation is a leading provider of secure, converged voice and data networking solutions for enterprises of all sizes. 3Com offers a broad line of innovative products backed by world class sales, service and support, which excel at delivering business value for its customers. Through its TippingPoint division, 3Com is the leading provider of network-based intrusion prevention systems that deliver in-depth application protection, infrastructure protection, and performance protection. 3Com also is the majority owner of Huawei-3Com Co., Ltd. (H3C), a China-based joint venture formed by 3Com and Huawei in November 2003. H3C brings innovative and cost-effective product development and manufacturing and a strong footprint in one of the world's most dynamic markets. For further information, please visit, or the press site

Copyright [c] 2005 3Com Corporation. 3Com, the 3Com logo and Digital Vaccine are registered trademarks and TippingPoint is a trademark of 3Com Corporation or its subsidiaries. All other company and product names may be trademarks of their respective holders.
COPYRIGHT 2006 Business Wire
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2006, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Publication:Business Wire
Date:Dec 12, 2006
Previous Article:Ashtrom Group to Build the Westin Le Paradis St. Lucia Beach & Golf Resort.
Next Article:Jamie Dimon Elected Chairman of the Board of JPMorgan Chase.

Related Articles
Netsky-V worm slithers without email attachment.
Second Mac OS X worm spreads via Bluetooth vulnerability.
3Com's Zero Day Initiative Uncovers Two Microsoft Vulnerabilities; Provides Customers with Same-Day Protection; 3Com Also Protects Customers Against...
Bug hunters turn the tables on software makers.
TippingPoint's Zero Day Initiative Uncovers Three Microsoft Vulnerabilities and Protects Customers from Zero Day Attacks.
IBM Internet Security Systems shields customers from critical Microsoft vulnerabilities.
TippingPoint Provides Protection for All Critical Microsoft Bulletins Released Today.
Security and products; ISS helps safeguard customers.
TippingPoint Provides Preemptive Protection for Microsoft Bulletins Released Today.
TippingPoint Discovers Two Flaws in Microsoft Bulletins Released Today.

Terms of use | Copyright © 2017 Farlex, Inc. | Feedback | For webmasters