StoneGate IPS provides protection against the latest Adobe and Microsoft vulnerabilities

14 juni 2010 Press release StoneGate IPS provides protection against the latest Adobe and Microsoft vulnerabilities Helsinki, Finland, 14 June 2010 - Stonesoft, an innovative provider of integrated network security and business continuity solutions, has today announced its StoneGate IPS (Intrusion Prevention System) provides efficient protection against the latest critical vulnerability that exists in Adobe Flash Player, Adobe Reader and Acrobat as well as the Microsoft vulnerability. According to the Adobe security advisory last updated on 10 June 2010 , the recent vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. The user is coaxed to open a PDF document that contains malicious code. The code attacks the user client via the web browser and can cause a lot of damage. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat. Similarly, in the Microsoft vulnerability , the user is led to download a web page, which then uses the Windows help program to break into the client. Upon successful exploitation, the remote attacker is able to execute arbitrary commands with the privileges of the user. StoneGate IPS offers efficient protection against both of the above-mentioned vulnerabilities. StoneGate IPS is capable of identifying and terminating the attacks when the web page or PDF document is opened and/or downloaded. The system can also stop emails that carry the PDF file as an attachment, or, in cases where the strongest possible protection is required, even prevent the downloading of any Adobe Flash content. Thus, all Stonesoft customers that use StoneGate IPS to protect their networks are not affected by these vulnerabilities. "The latest Adobe and Microsoft vulnerabilities are examples of so-called client side attacks, which are becoming increasingly common. Client side attacks are particularly harmful as they can penetrate through traditional firewalls, and a huge number of users are affected by these vulnerabilities. When successfully exploited, these vulnerabilities allow the attacker to read and modify any files and steal personal information such as user IDs and passwords. The compromised hosts are also usually joined into botnets. These vulnerabilities were also disclosed and exploited before patches became available, so it is extremely difficult to protect hosts from these attacks without external security devices, such as StoneGate IPS", explains Olli-Pekka Niemi , Vulnerability Expert and team leader of the Vulnerability Analysis team at Stonesoft. "Malware is spreading in the Internet regardless of the financial crisis, and organizations should not save in the wrong places. Cleaning up after damage is always a lot more expensive than attack prevention. In practice, organizations who do not have an adequate intrusion prevention system in place, will first pay for cleaning up and then for the implementation of the system. StoneGate IPS customers have full protection against dynamic vulnerabilities and can focus on their business", said Klaus Majewski, Vice President of Marketing at Stonesoft. For more information about the vulnerabilities, please visit http://www.cert.fi/haavoittuvuudet/2010/haavoittuvuus-2010-086.html (in Finnish) http://www.adobe.com/support/security/advisories/apsa10-01.html http://www.microsoft.com/technet/security/advisory/2219475.mspx For more details, please contact: Stonesoft Corporation Klaus Majewski, Vice President of Marketing Tel. +358 9 476 711 E-mail: klaus.majewski@stonesoft.com About Stonesoft Corporation Stonesoft Corporation (NASDAQ OMX: SFT1V) is an innovative provider of integrated network security solutions to secure the information flow of distributed organizations. Stonesoft customers include enterprises with growing business needs requiring advanced network security and always-on business connectivity. StoneGate(TM) Secure Connectivity Solution unifies firewall, VPN, IPS and SSL VPN blending network security, end-to-end availability and award-winning load balancing into a unified and centrally managed system. The key benefits of StoneGate the solution include low TCO, excellent price-performance ratio and high ROI. The StoneGate Virtual Security Solutions protect the network and ensure business continuity in both virtual and physical network environments. StoneGate Management Center provides unified management for StoneGate Firewall with VPN , IPS and SSL VPN . StoneGate Firewall and IPS work together to provide intelligent defense all over the enterprise network while StoneGate SSL VPN provides enhanced security for mobile and remote use. Founded in 1990, Stonesoft Corporation is a global company with corporate headquarters in Helsinki, Finland and Americas headquarters in Atlanta, Georgia. For more information, visit www.stonesoft.com and the corporate blog http://stoneblog.stonesoft.com . [HUG#1423661]