Sourcefire Vulnerability Research Team Protects Users from November Microsoft Tuesday Vulnerability
COLUMBIA, Md. -- Open source innovator and SNORT([R])creator, Sourcefire, Inc. (Nasdaq:FIRE), a leader in network intrusion prevention, today announced that the Sourcefire Vulnerability Research Team (VRT) delivered rules that protected Sourcefire customers and Snort users for close to a month prior to today's Microsoft vulnerability disclosure (Microsoft Security Bulletin MS07-061). Sourcefire's Security Enhancement Update (SEU) 111, published on October 17, 2007, addressed today's vulnerability, which impacts Microsoft Windows and Internet Explorer.
"Sourcefire customers and Snort users depend on us to deliver the best protection as quickly as possible, and we consistently live up to this expectation on Microsoft Tuesdays, often delivering coverage before the vulnerability is announced," said Matt Watchinski, Director of the Sourcefire Vulnerability Research Team. "This fast and comprehensive protection, combined with Sourcefire's innovative security solutions, provides users with confidence that their critical assets are secure from both known and unknown threats."
Prior to Microsoft's disclosure earlier today, the Sourcefire VRT had already created, tested and delivered Snort rules designed to detect attacks targeting the Microsoft vulnerability identified in Microsoft Security Bulletin MS07-061. This critical Internet Explorer 7 remote code execution vulnerability exists in the way that the Windows shell handles specifically crafted URIs (uniform resource identifiers) that are passed to it. If the Windows shell did not sufficiently validate these URIs, an attacker could exploit this vulnerability and execute arbitrary code. Microsoft has only identified ways to exploit this vulnerability on systems using Internet Explorer 7. However, the vulnerability exists in a Windows file, Shell32.dll, which is included in all supported editions of Windows XP and Windows Server 2003.
About the Sourcefire VRT
The Sourcefire VRT is a group of leading edge intrusion detection and prevention experts working to proactively discover, assess and respond to the latest trends in hacking activities, intrusion attempts and vulnerabilities. This team is also supported by the vast resources of the open source Snort community, making it the largest group dedicated to advances in the network security industry.
About Sourcefire
Sourcefire, Inc. (Nasdaq:FIRE), Snort creator and open source innovator, is a world leader in Enterprise Threat Management (ETM) solutions. Sourcefire is transforming the way Global 2000 organizations and government agencies manage and minimize network security risks with its 3D Approach - Discover, Determine, Defend - to securing real networks. The Sourcefire 3D[TM] System is the first to unify IPS, NBA, NAC and Vulnerability Assessment technologies under the same management console. This ETM approach equips customers with an efficient and effective layered security defense - protecting network assets before, during and after an attack. Through the years, Sourcefire has been consistently recognized for its innovation and industry leadership by customers, media and industry analysts alike - with more than 30 awards and accolades. Today, the names Sourcefire and founder Martin Roesch have grown synonymous with innovation and network security intelligence. For more information about Sourcefire, please visit http://www.sourcefire.com.
SOURCEFIRE[R], SNORT[R], the Sourcefire logo, the Snort and Pig logo, SECURITY FOR THE REAL WORLD[TM], SOURCEFIRE DEFENSE CENTER[TM], SOURCEFIRE 3D[TM], RNA[TM], DAEMONLOGGER[TM], CLAMAV[TM], SOURCEFIRE SOLUTIONS NETWORK[TM], and certain other trademarks and logos are trademarks or registered trademarks of Sourcefire, Inc. in the United States and other countries.
No comments:
Post a Comment