TippingPoint Protects Customers Against New Zero-Day Vulnerabilities in Windows

The most severe of the new Windows vulnerabilities includes an overflow in the Windows Load Image API, which can be exploited simply by viewing a specially crafted icon, cursor, or bitmap file in a Web page or e-mail. Also last week, a fully-functional remote code execution exploit was released for Internet Explorer, which bypasses the "Local Computer" zone security restrictions in Windows XP service pack 2 through the HTML Help ActiveX control. A variant of this code, Trojan.Phel.A, is malicious code distributed as an HTML file that emerged yesterday, only four days after the original exploit was made public. Exploitation of either issue could allow an attacker to run any program on the victim's computer with the victim's user privileges.

TippingPoint delivered vulnerability filters known as Virtual Software Patches(TM) through its automated Digital Vaccine Service to UnityOne users within 12 hours of the new Windows vulnerabilities being made public last Thursday, and prior to the discovery of Trojan.Phel.A. UnityOne systems are updated with the Digital Vaccine service on a continuous basis so customers have zero-day protection in advance of a worm or automated exploit.

"While many of our customers were on vacation and away from the office, their UnityOne systems were automatically updated with the latest protection against these new Windows vulnerabilities," said TippingPoint's Chief Technology and Strategy Officer Marc Willebeek-LeMair. "In addition to the inconvenient timing of the holidays, this round of vulnerability announcements was further exacerbated by the fact that there simply are no patches available yet. Intrusion prevention is the only network-based method of protection for these types of emerging zero-day threats."

TippingPoint's UnityOne Intrusion Prevention System provides Application Protection, Performance Protection and Infrastructure Protection at gigabit speeds through total packet inspection. Application Protection capabilities provide fast, accurate, reliable protection from internal and external cyber attacks. Through its Infrastructure Protection capabilities, UnityOne protects VoIP infrastructure, routers, switches, DNS and other critical infrastructure from targeted attacks and traffic anomalies. UnityOne Performance Protection capabilities enable customers to throttle non-mission critical applications that hijack valuable bandwidth and IT resources, thereby aligning network resources and business-critical application performance.

About TippingPoint

TippingPoint is the leading provider of network-based intrusion prevention systems that deliver in-depth Application Protection, Infrastructure Protection, and Performance Protection for corporate enterprises, government agencies, service providers and academic institutions. Our innovative approach offers customers unmatched network-based security with unrivaled economics, ultra-high performance, scalability and reliability.

Author:  

Email:    

Topic:    

Content:

Related Voip Articles

• Cirilium Develops WiFi VoIP Solution for Honeywells Biz Jet Customers
  24 December 2004



• Vomit and sniff hack VoIP systems
  23 December 2004



• Does Microsoft attempting VoIP land grab
  23 December 2004



• VoIP for the Lay-Businessman
  23 December 2004



• Net com Works Mobile VOIP
  23 December 2004



• Voice over Broadband Driving Growth in VoIP Equipment Market
  23 December 2004



• Internap Selected by Vonage to Enhance Infrastructure for Growing National VoIP Service
  23 December 2004



• World Renowned VoIP Thought Leader Jeff Pulver Offers IP Communications Predictions for 2005
  21 December 2004



• Yap International Wins Major VoIP Deal
  21 December 2004



• Newest Empirix Hammer NXT VoIP Load Test System Delivers Comprehensive
  21 December 2004