This particular attack is very interesting as it bypasses traditional perimeter defenses because it is neither .exe file nor an installer package and the attack may come from a good Web site that has been compromised. This attack uses the browser to launch attack on another part of Windows (shimgvw.dll)
Monrovia, CA (PRWEB) January 3, 2006
Trlokom, Inc., a pioneer in anti-spyware and endpoint security software and services today announced today that the latest release of SpyWall Anti-Spyware protects against the previously known 0-day vulnerability in Microsoft graphics rendering engine. A remote code execution vulnerability exists in the processing of Windows Meta File (WMF) that allows a malicious Web site to install rouge anti-spyware programs, Trojans, and other spyware on users machine. The attack can be launched when the user visits the Web site and does not require any other action from the user.
Because an extremely large number of machines are vulnerable, this vulnerability is being exploited to install spyware without the user's consent. Trlokom's web browser firewall/sandbox and anti-spyware solution, SpyWall, guards against this vulnerability by detecting and blocking the attack in real-time.
"This particular attack is very interesting as it bypasses traditional perimeter defenses because it is neither .exe file nor an installer package and the attack may come from a good Web site that has been compromised. This attack uses the browser to launch attack on another part of Windows (shimgvw.dll)" said Jayant Shukla, founder and CEO of Trlokom.
"The ability to sandbox the web browser and prevention of malicious external code is important. A perimeter-based web filtering solution will do nothing to prevent such attacks. Application sandbox at the end point is the correct long term solution that truly reduces the burden of web borne attacks in enterprise and improves regulatory compliance."
Since its launch in June 2005, SpyWall has become a leader in spyware prevention. SpyWall is the first and only integrated firewall/sand box for the web browser and spyware cleaning tool. While all other anti-spyware products primarily focus on cleaning spyware after it is already on the PCs, SpyWall takes a very different and much more effective approach.
SpyWall keeps the PC free of resource-sucking adware and spyware and prevents malware from ever reaching the system by sandboxing the web browser and preventing malicious Web sites from exploiting vulnerabilities. SpyWall is also able to block phishing attacks and detect almost all key loggers without using any signatures.
About Trlokom, Inc.
Trlokom, Inc., is a leading provider of enterprise-class network protection with world class solutions such as SpyWall. T-NAC, OmniVPN and Katana. Trlokom's flagship product, SpyWall (Anti-Spyware) provides enterprise class protection against spyware while allowing easy to use web monitoring, and endpoint security seamlessly to our customers globally. SpyWall is the first and only browser firewall/sandbox integrated with anti-spyware. It is the only anti-spyware solution that uses a behavior-based approach to block phishing attacks and detect key loggers.
Trlokom's OmniVPN solution is a featured rich integrated VPN, firewall, Central Management tool, and intrusion prevention solution all in one software solution that continually helps thousands of users world wide. Trlokom is a privately held company with headquarters in Monrovia, California. For more information please visit us at http://www.trlokom.com.