StoneGate IPS provides protection against the latest Adobe and Microsoft vulnerabilities
Press release
StoneGate IPS provides protection against
the latest Adobe and Microsoft vulnerabilities
Helsinki, Finland, 14 June 2010 - Stonesoft, an innovative provider of
integrated network security and business continuity solutions, has today
announced its StoneGate IPS (Intrusion Prevention System) provides efficient
protection against the latest critical vulnerability that exists in Adobe Flash
Player, Adobe Reader and Acrobat as well as the Microsoft vulnerability.
According to the Adobe security advisory last updated on 10 June 2010
,
the recent vulnerability (CVE-2010-1297) could cause a crash and potentially
allow an attacker to take control of the affected system. The user is coaxed to
open a PDF document that contains malicious code. The code attacks the user
client via the web browser and can cause a lot of damage. There are reports that
this vulnerability is being actively exploited in the wild against both Adobe
Flash Player, and Adobe Reader and Acrobat.
Similarly, in the Microsoft vulnerability
, the user is
led to download a web page, which then uses the Windows help program to break
into the client. Upon successful exploitation, the remote attacker is able to
execute arbitrary commands with the privileges of the user.
StoneGate IPS offers efficient protection against both of the above-mentioned
vulnerabilities. StoneGate IPS is capable of identifying and terminating the
attacks when the web page or PDF document is opened and/or downloaded. The
system can also stop emails that carry the PDF file as an attachment, or, in
cases where the strongest possible protection is required, even prevent the
downloading of any Adobe Flash content. Thus, all Stonesoft customers that use
StoneGate IPS to protect their networks are not affected by these
vulnerabilities.
"The latest Adobe and Microsoft vulnerabilities are examples of so-called client
side attacks, which are becoming increasingly common. Client side attacks are
particularly harmful as they can penetrate through traditional firewalls, and a
huge number of users are affected by these vulnerabilities. When successfully
exploited, these vulnerabilities allow the attacker to read and modify any files
and steal personal information such as user IDs and passwords. The compromised
hosts are also usually joined into botnets. These vulnerabilities were also
disclosed and exploited before patches became available, so it is extremely
difficult to protect hosts from these attacks without external security devices,
such as StoneGate IPS", explains Olli-Pekka Niemi , Vulnerability Expert and
team leader of the Vulnerability Analysis team at Stonesoft.
"Malware is spreading in the Internet regardless of the financial crisis, and
organizations should not save in the wrong places. Cleaning up after damage is
always a lot more expensive than attack prevention. In practice, organizations
who do not have an adequate intrusion prevention system in place, will first pay
for cleaning up and then for the implementation of the system. StoneGate IPS
customers have full protection against dynamic vulnerabilities and can focus on
their business", said Klaus Majewski, Vice President of Marketing at Stonesoft.
For more information about the vulnerabilities, please visit
http://www.cert.fi/haavoittuvuudet/2010/haavoittuvuus-2010-086.html (in Finnish)
http://www.adobe.com/support/security/advisories/apsa10-01.html
http://www.microsoft.com/technet/security/advisory/2219475.mspx
For more details, please contact:
Stonesoft Corporation
Klaus Majewski, Vice President of Marketing
Tel. +358 9 476 711
E-mail: klaus.majewski@stonesoft.com
About Stonesoft Corporation
Stonesoft Corporation (NASDAQ OMX: SFT1V) is an innovative provider of
integrated network security solutions to secure the information flow of
distributed organizations. Stonesoft customers include enterprises with growing
business needs requiring advanced network security and always-on business
connectivity.
StoneGate(TM) Secure Connectivity Solution unifies firewall, VPN, IPS and SSL
VPN blending
network security, end-to-end availability and award-winning load balancing into
a unified and centrally managed system. The key benefits of StoneGate the
solution include low TCO, excellent price-performance ratio and high ROI. The
StoneGate Virtual Security Solutions
protect the network and ensure business continuity in
both virtual and physical network environments.
StoneGate Management Center
provides unified management for StoneGate Firewall with VPN
, IPS
and
SSL VPN
. StoneGate Firewall and IPS work together to provide intelligent defense all
over the enterprise network while StoneGate SSL VPN provides enhanced security
for mobile and remote use.
Founded in 1990, Stonesoft Corporation is a global company with corporate
headquarters in Helsinki, Finland and Americas headquarters in Atlanta, Georgia.
For more information, visit www.stonesoft.com and
the corporate blog http://stoneblog.stonesoft.com
.
[HUG#1423661]