Dedicated To Printer Hardware, Featuring News, Press Releases, IT Directory & Links
SOURCEFIRE DELIVERS SAME DAY PROTECTION FOR MICROSOFT TUESDAY VULNERABILITIES
Published 11th December 2008
Sourcefire Vulnerability Research Team Protects Users from Latest Microsoft Vulnerabilities
Wokingham. UK, 10th December, 2008 - Open source innovator and SNORT® creator, Sourcefire, Inc. (Nasdaq: FIRE), a leader in Enterprise Threat Management, announced that the Sourcefire® Vulnerability Research Team (VRT) has delivered rules to protect Sourcefire customers and Snort users from all eight Microsoft vulnerabilities disclosed today. These vulnerabilities impact Microsoft Windows, Microsoft Office, Microsoft Internet Explorer, Microsoft Developer Tools and Software, and Microsoft Server Software.
“With today’s disclosures, Microsoft has shipped more than 75 bulletins, addressing hundreds of flaws this year alone. This highlights the need for organizations to remain diligent about their network security,” said Matt Watchinski, Senior Director of the Sourcefire Vulnerability Research Team. “Participating in the Microsoft Active Protections Program (MAPP) allows Sourcefire to combine the earliest possible detection with leading solutions that enable customers to take a proactive approach to security. This will be increasingly important as threats continue to increase in 2009.”
The Sourcefire VRT created, tested and delivered Snort rules designed to detect attacks targeting the Microsoft vulnerabilities listed below. These new rules are included in the latest Sourcefire Security Enhancement Update (SEU) released today.
Microsoft Security Bulletin MS08-070 – Critical vulnerabilities in the ActiveX controls for the Microsoft Visual Basic 6.0 Runtime Extended Files could allow remote code execution if a user browsed a Web site that contains specially crafted content.
Microsoft Security Bulletin MS08-071 – Critical vulnerabilities in GDI could allow remote code execution if a user opens a specially crafted WMF image file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system.
Microsoft Security Bulletin MS08-072 – Critical vulnerabilities in Microsoft Office Word and Microsoft Office Outlook could allow remote code execution if a user opens a specially crafted Word or Rich Text Format (RTF) file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system.
Microsoft Security Bulletin MS08-073 – Critical vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer.
Microsoft Security Bulletin MS08-074 – Critical vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system.
Microsoft Security Bulletin MS08-075 – Critical vulnerabilities in Windows Search could allow remote code execution if a user opens and saves a specially crafted saved-search file within Windows Explorer or if a user clicks a specially crafted search URL. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system.
Microsoft Security Bulletin MS08-076 – Vulnerabilities in Windows Media components (Windows Media Player, Windows Media Format Runtime, and Windows Media Services) could allow remote code execution. If a user is logged on with administrative user rights, an attacker who successfully exploited the most severe vulnerability could take complete control of an affected system.
Microsoft Security Bulletin MS08-077 – Vulnerability could allow elevation of privilege if an attacker bypasses authentication by browsing to an administrative URL on a SharePoint site. A successful attack leading to elevation of privilege could result in denial of service or information disclosure.
About the Sourcefire VRT
The Sourcefire VRT is a group of leading edge intrusion detection and prevention experts working to proactively discover, assess and respond to the latest trends in hacking activities, intrusion attempts and vulnerabilities. This team is also supported by the vast resources of the open source Snort community, making it the largest group dedicated to advances in the network security industry.
About Sourcefire
Sourcefire, Inc. (Nasdaq: FIRE), Snort creator and open source innovator, is a world leader in Enterprise Threat Management (ETM) solutions. Sourcefire is transforming the way Global 2000 organizations and government agencies manage and minimize network security risks with its 3D Approach – Discover, Determine, Defend – to securing real networks. This ETM approach equips customers with an efficient and effective layered security defense – protecting network assets before, during and after an attack. Through the years, Sourcefire has been consistently recognized for its innovation and industry leadership by customers, media and industry analysts alike – with more than 40 awards and accolades. Today, the names Sourcefire and founder Martin Roesch have grown synonymous with innovation and network security intelligence. For more information about Sourcefire, please visit http://www.sourcefire.com.
SOURCEFIRE®, SNORT®, the Sourcefire logo, the Snort and Pig logo, SECURITY FOR THE REAL WORLD™, SOURCEFIRE DEFENSE CENTER™, SOURCEFIRE 3D®, SOURCEFIRE RNA™, DAEMONLOGGER™, CLAMAV®, SOURCEFIRE SOLUTIONS NETWORK™, and certain other trademarks and logos are trademarks or registered trademarks of Sourcefire, Inc. in the United States and other countries. Other company, product and service names may be trademarks or service marks of others.
# # #