Third Brigade Protects Physical and Virtualized Servers From Attacks That Could Exploit New Microsoft Windows Server Vulnerability

Third Brigade Deployed Customers Are Protected From Attacks Attempting To Exploit Vulnerability That Was Announced in Microsoft Security Bulletin MS08-067

Ottawa, Ontario (PRWEB) October 24, 2008 -- Third Brigade, Inc. (www.thirdbrigade.com) today announced that its customers which have deployed the Third Brigade Deep Security advanced host intrusion defense system (IDS/IPS) to physical or virtualized servers, are protected from attacks that could exploit a critical Microsoft® Windows® Server service vulnerability. This vulnerability was announced in Microsoft Security Bulletin MS08-067, October 23rd. On many Windows platforms, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be attacked by a wormable exploit. The flaw is rated critical on Windows 2000, XP, and Windows Server 2003 and is given an important rating on Windows Vista and Windows Server 2008.

"Targeted attacks existed before, and mainstream exploits were written within hours of the patch being made available for this recent vulnerability," said Bill McGee, vice president of products and technology at Third Brigade. "The ability to quickly shield servers from known and unknown vulnerabilities helps preserve an enterprise's security, operations and state of compliance. The risk of this most recent vulnerability being attacked by a wormable exploit that impacts a large number of servers, underscores the importance of having proactive protection in place on all physical and virtualized servers."

Third Brigade customers automatically receive security updates with the latest filters that protect against newly discovered vulnerabilities. As a member of the Microsoft Active Protections Program (MAPP), Third Brigade receives vulnerability information from Microsoft in advance of their security bulletins, which ensures its mutual customers receive the fastest possible response to and protection from emerging security threats.

Third Brigade Deep Security combines a stateful firewall with intrusion detection and prevention in a software solution. It prevents data breaches and business disruptions, protects corporate assets like databases and applications, enables compliance, and reduces costs.

For Third Brigade's security advisory on this Microsoft security bulletin, click here:

http://www.thirdbrigade.com/labs.aspx?id=833

For more information on the Microsoft security bulletin, click here: http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx

For information on Third Brigade Deep Security, click here: http://www.thirdbrigade.com/product.aspx?id=48

About Third Brigade

Third Brigade (www.thirdbrigade.com) best-of-breed host intrusion defense systems protect critical data and applications--including those on virtual machines--from attacks that bypass or penetrate network defenses, and target vulnerabilities in operating systems, and enterprise and web applications. With a high performance deep packet inspection engine, Third Brigade Deep Security detects and prevents known and zero-day attacks, and provides a virtual patch for Microsoft® Windows®, Solaris™, Linux, and other Unix® hosts on physical and virtualized systems. It helps ensure regulatory compliance with PCI and other standards, and prevents costly business disruptions. Third Brigade also owns and maintains OSSEC, the Open Source Host Intrusion Detection Project. Third Brigade. That's control.

Note: "Third Brigade", "Deep Security Solutions", and the Third Brigade logo are trademarks of Third Brigade, Inc. and may be registered in certain jurisdictions. All other company and product names are trademarks or registered trademarks of their respective owners.

For more information:

Laura Maio

Media & Analyst Relations

Third Brigade, Inc.

(T) 613-599-4505 x2238

(M) 613-219-2800

laura.maio@thirdbrigade.com

Claire Barton

Nadel Phelan, Inc.

(T) 831-440-2406

claire@nadelphelan.com

# # #