August 14, 2008

Palo Alto Networks Discovers Two Vulnerabilities in This Week’s Microsoft Security Bulletin

Palo Alto Networks today announced that its Threat Research Team discovered two of the 11 vulnerabilities discovered in Microsoft's Patch Tuesday security bulletin this week.

The first discovery is an Internet Explorer vulnerability rated "critical." Microsoft credited Palo Alto Networks exclusively for the "HTML Object Memory Corruption Vulnerability" (CVE-2008-2254), which could enable an attacker to exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.

The second vulnerability, also exclusively credited to Palo Alto Networks, the "Microsoft Event System Vulnerability" (CVE-2008-1456) is rated "important" and could be used by an attacker to take complete control of an affected system. An attacker could then install programs; view, change or delete data; or create new accounts with full administrative rights.

These vulnerabilities represent the fourth and fifth Microsoft-related discoveries for the Palo Alto Networks Threat Research Team in the last 12 months. The previous three vulnerabilities were all rated "critical" and could result in remote code execution. They include:

-- Agent Remote Code Execution Vulnerability (CVE-2007-3040)

-- GDI Heap Overflow Vulnerabilities (CVE-2008-1083)

-- GDI Stack Overflow Vulnerabilities (CVE-2008-1087)

Palo Alto Networks' family of next-generation firewalls protects enterprises from any exploits that take advantage of these vulnerabilities, as well as a broad range of other threats. The Palo Alto Networks Threat Research Team is active in the research community, aggressively pursuing both new vulnerability research and mitigation of all types of threats.

About Palo Alto Networks

Palo Alto Networks(TM) enables visibility and policy control of applications running on enterprise networks. Based on innovative App-ID(TM) application classification technology, the Palo Alto Networks family of next-generation firewalls accurately identifies applications - regardless of port, protocol, evasive tactic or even SSL encryption - at 10Gbps with no performance degradation. Enterprises can now set and enforce application usage policies to meet compliance requirements, improve threat mitigation and lower operational costs. For more information, visit

Palo Alto Networks, the Palo Alto Networks Logo, App-ID and PAN-OS are trademarks of Palo Alto Networks, Inc. in the United States. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.