Ottawa, Ontario (PRWEB) November 9, 2005
Third Brigade, Inc. (http://www.thirdbrigade.com) today announced that customers that have deployed Deep Security, its advanced Host Intrusion Prevention System (HIPS) are protected from attacks that could exploit new software vulnerabilities recently disclosed for Microsoft, Linux, Computer Associates, Novell, Snort and Veritas.
Microsoft: Multiple vulnerabilities have been reported in Microsoft Windows that allow an attacker to remotely execute code on the vulnerable system and take complete control of it. The vulnerabilities exist in the rendering of Windows Metafile (WMF) and Enhanced Metafile (EMF) image formats, and any program that renders these files could be vulnerable to an attack.
Linux: A new Linux worm known as Linux/Plupii or Linux/Lupper exploits vulnerabilities in PHP and Perl CGI scripts on Linux and Unix based web servers. The worm propagates by searching for, and exploiting, unpatched systems that remain vulnerable.
In addition to these vulnerability announcements, there have been a number of other recent vulnerabilities that affect enterprise software, including:
- Computer Associates Unicenter Message Queuing Buffer Overflow (CVE-2005-2668)
- Novell ZENworks Patch Management Multiple SQL Injection Vulnerabilities (CVE-2005-3315)
- Snort Back Orifice Pre-processor Buffer Overflow (CAN-2005-3252)
- Veritas NetBackup Java Remote Format String vulnerability (CAN-2005-2715)
Compromise of systems with any of these vulnerabilities can result in loss of system availability, damage to data integrity or exposure of confidential information and highlights the severity of today’s threat environment.
“Although patch Tuesday puts the focus squarely on Microsoft, it’s important to remember that vulnerabilities exist in all commercial software, as well as custom software applications,” said Brian O’Higgins, Chief Technology Officer of Third Brigade. “Enterprises need to complement their existing defense mechanisms with a host-based intrusion prevention system that protects a broad set of platforms and applications,” he added.
Third Brigade customers are advised to apply updates containing the latest filters that protect against these vulnerabilities.
For more information on:
- The Microsoft security bulletin: http://www.microsoft.com/technet/security/bulletin/ms05-053.mspx
- The Linux vulnerability: http://isc.sans.org/diary.php?storyid=823
- Third Brigade’s security dispatches: http://www.thirdbrigade.com/security/dispatches.html
- Third Brigade Deep Security: http://www.thirdbrigade.com/products/index.html
About Third Brigade
Third Brigade provides Host Intrusion Prevention Systems (HIPS) to financial services, government, health care, telecommunications and other organizations that need to implement security best practices as part of a defense-in-depth strategy. Our Deep Security solutions give you greater control of your business. They stop attacks before they impact hosts, help ensure compliance with regulations and policies, and maximize the performance of your people, processes and hosts. Unlike others, Third Brigade provides an innovative hybrid approach, a positive security model, proactive defense, and a powerful administrative platform.
For more information, contact:
Media and Analyst Relations
(T) 613-599-4505 x3001