Third Brigade's Intrusion Prevention System (IPS) Provides Proactive Protection for Critical Microsoft and Oracle Vulnerabilities

Share Article

Third Brigade, Inc. (http://www.thirdbrigade.com) today announced that customers that have deployed Third Brigade Deep Security, its advanced host-based Intrusion Prevention System (IPS), are proactively protected from attacks that could exploit vulnerabilities disclosed today by Microsoft (April Security Bulletin) and for Oracle.

Ottawa, ON and Reston, VA – April 11, 2006 -- Third Brigade, Inc. (http://www.thirdbrigade.com) today announced that customers that have deployed Third Brigade Deep Security, its advanced host-based Intrusion Prevention System (IPS), are proactively protected from attacks that could exploit vulnerabilities disclosed today by Microsoft (April Security Bulletin) and for Oracle:

  • Filters previously released by Third Brigade in March proactively protect MS06-013, a critical vulnerability in Internet Explorer. This vulnerability could result in remote code execution, with a successful exploit resulting in an attacker taking complete control of the affected system.
  • Third Brigade also released a vulnerability shield filter to protect MS06-014, a critical vulnerability in the Microsoft Data Access Components (MDAC) in Microsoft Windows platforms. This vulnerability could result in remote code execution, with a successful exploit resulting in an attacker taking complete control of the affected system.
  • A vulnerability shield filter to protect CVE-2006-1705, an unpatched, high risk vulnerability in Oracle Database 9i and Oracle Database 10g, has also been released. This vulnerability allows a database user with a read-only role to escalate privileges and allow them to insert, update and delete data.

“Third Brigade vulnerability shield filters have successfully protected hosts for over two weeks from attackers attempting to exploit the Internet Explorer CreateTextRange vulnerability”, said Brian O'Higgins, CTO of Third Brigade, Inc. “Because businesses rely on a range of applications, leading intrusion prevention solutions must address vulnerabilities from major software vendors including Microsoft and Oracle.”

Third Brigade's advanced, host-based intrusion prevention system provides effective, proactive protection for a wide range of vulnerabilities that exist in commercial and custom software applications. Third Brigade customers automatically receive vulnerability shield updates with the latest filters that protect recently disclosed vulnerabilities, including these critical Microsoft vulnerabilities.

Third Brigade Deep Security proactively stops attacks before they impact hosts, helps ensure compliance with industry regulations such as PCI (including Visa CISP, Mastercard SDP), Sarbanes-Oxley, HIPAA, GLBA, FISMA and corporate policies, reduces operating costs, and prevents service disruptions caused by attacks.

For Third Brigade security dispatches on this security bulletin: http://www.thirdbrigade.com/security/dispatches.html

For more information on the specific vulnerabilities disclosed in the April Microsoft Security Bulletin:

  • MS06-013 Cumulative Security Update for Internet Explorer

http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx

  • MS06-014 Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution

http://www.microsoft.com/technet/security/Bulletin/MS06-014.mspx

For more information on the Oracle Database vulnerability (CVE 2006-1705):

For information on Third Brigade Deep Security:

http://www.thirdbrigade.com/products/index.html

About Third Brigade

Third Brigade specializes in providing intrusion prevention systems (IPS) to health care, government, telecommunications, financial services and other organizations that need to prevent attacks that exploit vulnerabilities in commercial and custom software, including web applications. It enables you to create and enforce comprehensive security policies that proactively protect critical applications, sensitive data, and hosts, ensure regulatory compliance, and maximize the performance of your people, processes and hosts. Unlike other intrusion prevention systems, Third Brigade’s is not intrusive. It has been architected from the ground-up for intrusion prevention, and is smaller, faster and simpler. Third Brigade. That’s control.

For more information, contact:

George McTaggart

Third Brigade, Inc.

(T) 613-599-4505 x2236

(M) 613-292-8274

###

Share article on social media or email:

View article via:

Pdf Print

Contact Author

George Mctaggart
Visit website

Media