Third Brigade's Host Intrusion Prevention System Stops Attacks That Could Exploit New Microsoft Vulnerability

Share Article

Third Brigade, Inc. (http://www.thirdbrigade.com) today announced that customers that have deployed Deep Security, its advanced Host Intrusion Prevention System (HIPS), are protected from attacks that could exploit a vulnerability in code handling Windows Meta Files (WMF) on the Windows platform, which was announced in Microsoft Security Advisory 912840, December 28th, 2005.

Third Brigade, Inc. (http://www.thirdbrigade.com) today announced that customers that have deployed Deep Security, its advanced Host Intrusion Prevention System (HIPS), are protected from attacks that could exploit a vulnerability in code handling Windows Meta Files (WMF) on the Windows platform, which was announced in Microsoft Security Advisory 912840, December 28th, 2005.

The new, unpatched critical vulnerability is in a DLL used by several applications to display WMF files. Microsoft’s Picture and Fax Viewer application, which is the default viewer for WMF graphics within Microsoft Windows XP and 2003, is the most likely target. However, other applications may also call the vulnerable DLL. If successfully exploited, an attacker would be given all the privileges of the user viewing the image, up to and including administrative privileges. An attacker who successfully exploited these critical vulnerabilities could take complete control of an affected system. An attacker could then install programs, view, change or delete data, or create new accounts with full user rights.

Third Brigade customers automatically receive updates with the latest filters that protect against these and other vulnerabilities. Third Brigade Deep Security proactively stops attacks before they impact hosts, helps ensure compliance with industry regulations such as PCI (including Visa CISP, Mastercard SDP), Sarbanes-Oxley, HIPAA, GLBA, FISMA and corporate policies, reduces operating costs, and prevents service disruptions caused by attacks.

For Third Brigade’s security dispatch on today’s Microsoft security bulletins, click here:

http://www.thirdbrigade.com/security/dispatches.html

For more information on the Microsoft security bulletin, click here:

http://www.microsoft.com/technet/security/advisory/912840.mspx

For information on Third Brigade Deep Security, click here:

http://www.thirdbrigade.com/products/index.html

About Third Brigade

Third Brigade provides Host Intrusion Prevention Systems (HIPS) to financial services, government, health care, telecommunications and other organizations that need to implement security best practices as part of a defense-in-depth strategy. Our Deep Security solutions give you greater control of your business. They stop attacks before they impact hosts, help ensure compliance with regulations and policies, and maximize the performance of your people, processes and hosts. Unlike others, Third Brigade provides an innovative hybrid approach, a positive security model, proactive defense, and a powerful administrative platform.

For more information, contact:

Kathryn Schwab

Media and Analyst Relations

Third Brigade

(T) 613-599-4505 x3001

(M) 613-858-4407

# # #

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Kathryn Schwab
Visit website