Contact Information: Press Contact: Sean Martin, CISSP smartin@skyrecon.com (877) 220-4178
SkyRecon Identifies Two Vulnerabilities in Windows DirectShow
SkyRecon's StormShield Automatically Protects Systems Against These Vulnerabilities
| Quelle: SkyRecon Systems
SAN JOSE, CA--(Marketwire - July 16, 2009) - SkyRecon Systems® (www.skyrecon.com), the
premier provider of integrated, proactive endpoint security solutions,
today announced that its Research & Development team has uncovered two
vulnerabilities -- CVE-2009-1537 and CVE-2009-1539 -- in Microsoft DirectX.
A security breach exists when opening certain types of multimedia video
files using Windows Media Player. Exploitation of these vulnerabilities
could allow remote code execution if a user opened a specially crafted
QuickTime media file. This exploit can be accomplished locally or through
the Internet, but only if the attacker persuades users to visit a malicious
website that will be used to exploit the vulnerabilities.
An attacker who successfully exploited these vulnerabilities could have
total control of a compromised system and gain the same user rights as the
local user. He/she could then install programs; view, change, or delete
data; and even create new accounts with full user rights. As a consequence,
users whose accounts are configured to operate with administrative user
rights would suffer more impact than users who have fewer user rights on
the system.
Upon identification of the DirectShow vulnerabilities leading to a buffer
overflow, engineers at SkyRecon confirmed that StormShield detects and
blocks attacks targeting the Microsoft vulnerabilities without the need for
patches.
StormShield 'Protection against Overflow' option simply has to be set to
'Critical' or 'High'.
Organizations that rely only on perimeter security technologies are
vulnerable to attack.
Securing endpoint using a Host-based Intrusion Prevention System (HIPS) is
the only way to be protected against these attacks.
"Once again, StormShield's efficiency and performance are proven. Our
solution's automatic protections block the attacks aiming at exploiting
these vulnerabilities and secure our customers' systems and data without
the need for patches," said Yann Torrent, Director of Research and
Development at SkyRecon Systems, Inc. "On top of developing advanced
endpoint security solutions, SkyRecon keeps on striving to provide
Microsoft with information we uncover in order to help them in their drive
to optimize the security of their operating systems and supporting
applications. We were incidentally the first to work with Microsoft to make
up for these vulnerabilities."
The vulnerabilities affect Windows 2000 Service Pack 4, Windows XP and
Windows Server 2003 operating systems. Windows Vista and Windows Server
2008 are not affected. More information regarding the vulnerabilities and
Microsoft Security Bulletin can be found at:
-- Microsoft Security Bulletin MS09-028 - Critical vulnerabilities
Accredited to Thomas Garnier, SkyRecon Systems
About StormShield Security Suite
StormShield Security Suite is a unified endpoint security, data protection,
and access control solution. It has been developed with the specific
intention of bringing together the operational continuity requirements of
the business and its IT systems, with the need to properly protect those
operations using a single-sourced range of protection facilities.
About SkyRecon Systems Inc.
Founded in 2003, SkyRecon Systems is a leading global provider of endpoint
protection platforms. With its award-winning endpoint security solutions,
organizations are able to ensure protection and enforce policy for endpoint
systems, applications, data and users upon which their business relies. The
company is a contributing member of the SecureIT Alliance, has received the
prestigious Red Herring 100 Award, and has been named "Entrepreneurial
Security Company of the Year" by Frost & Sullivan.
More information about SkyRecon can be obtained by visiting
www.skyrecon.com or by calling (877) 220-4178.
SkyRecon, the SkyRecon logo and StormShield are registered trademarks of
SkyRecon Systems Inc. All other product or service names are the property
of their respective owners.