eEye Digital Security Announces Availability of Protection for August Microsoft Security Updates
Posted on: Tuesday, 9 August 2005, 15:00 CDT
eEye(R) Digital Security, a leading software developer of network security solutions enabling businesses to protect their network infrastructure, today announced that it offers a means of preemptive protection for the security vulnerabilities announced today by Microsoft (NASDAQ:MSFT). As part of its mission to allow customers to effectively manage the risks associated with securing their networks, eEye offers protection with Retina(R), the industry's leading Network Security Scanner which detects the presence of security vulnerabilities, in addition to Blink(R), eEye's award-winning endpoint security software, which provides proactive protection from these and other security vulnerabilities.
As part of their regular monthly security update, Microsoft released six security bulletins affecting various Windows operating systems and applications, including NT4, 2000, XP, Server 2003 and Internet Explorer.
Of the bulletins issued today, two are especially noteworthy. First, MS05-039, a vulnerability in the Plug and Play Service, can lead to a remote system compromise allowing an attacker to take full control of a remote system and potentially perform malicious tasks. This flaw is similar to other serious vulnerabilities that have been used in the past to create worms such as Blaster and Sasser. Additionally, MS05-043 may also allow for remote code execution, permitting a malicious user to take control of vulnerable systems. Similar to MS05-039, this potentially could be used to propagate an Internet-based worm. For more information on the bulletins, please visit http://www.microsoft.com/technet/security/bulletin/ms05-aug.mspx.
eEye's Retina Network Security Scanner has been updated to identify these vulnerabilities and provide remediation options. Additionally, Retina can perform the majority of its scans without requiring administrator rights, allowing IT administrators to complete the risk assessment process faster than with competing solutions. For organizations where immediate patching is not an option, eEye's Blink Endpoint Vulnerability Prevention solution offers preventive protection from these vulnerabilities in the absence of patches. Through its innovative approach to intrusion prevention, Blink allows businesses to maintain regularly scheduled patching cycles, avoiding the resource drain associated with "panic patching." By protecting against entire classes of attacks, Blink does not require the burden of constant updates, as is the case with signature-based solutions.
"To avoid remote exploitation, organizations of all sizes should address these particular vulnerabilities immediately," said Marc Maiffret, co-founder and chief hacking officer, eEye Digital Security. "The window to remediate is diminishing, as hackers become more sophisticated in their ability to exploit vulnerabilities such as these. Both Retina and Blink allow security teams to stay ahead of potential attacks by providing proactive measures."
As a service to the network security community, eEye's Research Team - headed by Mark Maiffret, eEye's co-founder and chief hacking officer - conducts a Vulnerability Expert Forum Web seminar during the second week of every month. The next Forum is scheduled for Thursday, Aug. 11 at 7:30am US W.Coast/10:30am US E.Coast/3:30pm UK/4:30pm Central Europe. These Vulnerability Expert Forums enable participants to stay current on the potential risks and remediation requirements, such as those announced today, by exploring the effect that high-risk vulnerabilities and exploits have on network environments and infrastructures.
To register for the August Vulnerability Expert Forum, visit: http://www.eeye.com/html/company/events/VEF11082005.html.
About the Retina Enterprise Suite
Retina is integrated into the Retina Enterprise Suite, which also includes the REM Security Management Console. As a fully integrated vulnerability management solution, the Retina Enterprise Suite provides IT administrators with the ability to identify known security vulnerabilities, assist in prioritizing threats for remediation and aggregate information from multiple Retina scanners in a distributed enterprise. Further, the Retina Enterprise Suite delivers a sophisticated workflow integration that allows IT and security departments to work together effectively to optimize resources and mitigate threats. As a result, the Retina Enterprise Suite gives enterprises the means to automate protection strategies that will ensure business continuity. The Retina Enterprise Suite with Retina is available now. Interested parties can learn more at www.eeye.com/retinaenterprise.
About Blink
Designed to be implemented on individual assets such as servers, PCs and laptops, Blink is the first endpoint product to combine multiple layers of security technologies to protect enterprises from zero-day attacks that leverage yet unknown vulnerabilities within enterprise networks. This comprehensive security solution allows enterprises to defer patching vulnerable machines until regularly scheduled maintenance cycles, thereby saving millions of dollars in business disruption and the associated IT resource drain caused by "panic" patching. Additionally, Blink eliminates the problem of so-called "socially engineered" security threats in which hackers trick individuals into downloading malware or otherwise making their own machines vulnerable to attack. As a result, Blink uniquely protects assets from vulnerabilities, as opposed to only thwarting attacks. For more information on Blink please visit: www.eeye.com/blink.
About eEye Digital Security
eEye Digital Security is a leading developer of network security software, and the foremost contributor to security research and education. eEye's award-winning software products provide a complete vulnerability management solution that addresses the full lifecycle of security threats: before, during and after attacks. eEye's customers, Citigroup and U.S. Department of Defense, represent the largest deployments of vulnerability assessment and prevention technology in the private and public sector. eEye protects the networks and digital assets of more than 8,400 corporate and government deployments worldwide, including Avon, Continental Airlines, Dow Jones, Prudential, University of Miami, Viacom, Vodafone, Warner Music and Wyeth. Founded in 1998, eEye Digital Security is a privately held, venture-backed firm with headquarters in Orange County, Calif. For more information, please go to www.eEye.com.
eEye Digital Security, the eEye Digital Security logo and its products are trademarks or registered trademarks, in the United States and certain other countries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.
Source: Business Wire
Related Articles
- Microsoft Security Update Fails to Patch the Vulnerability It Was Meant to Fix, According to PandaLabs
- eEye Retina Network Security Scanner Passes NSS Labs' PCI Suitability Testing
- Poor Management Puts Enterprise Networks at Risk
- Stonesoft Evaluated on Ability to Execute and Completeness of Vision in Latest Enterprise Network Firewalls Magic Quadrant
- Phenom(TM) 3.0 Secure Enterprise Collaboration Suite Now Online at Download.Com
- OhioHealth Deploys Courion's Enterprise Provisioning Suite
- Apani Networks Joins The Open Group and OASIS to Augment Enterprise Network Security Initiatives
- Sharp HealthCare Provides Secure Access to Patient Information With Courion's Enterprise Provisioning Suite; Achieves Transparent Compliance for HIPAA Privacy and Security Requirements
- eEye Digital Security's Blink Endpoint Vulnerability Prevention System Named 2005 Readers' Choice Award Winner By Windows IT Pro; eEye Solutions Selected By Windows IT Pro Readers for Second Year in a Row
- Intoto Delivers Advanced Multi-Service Security Software Platforms for Small-to-Medium Enterprise Gateway Applications
 |
 |
User Comments (0)
RSS Feeds