SkyRecon Identifies "Critical" Windows GDI+ Heap Overflow Vulnerability

Vulnerabilities in GDI+ Could Allow Remote Code Execution


SAN JOSE, CA--(Marketwire - October 15, 2009) - SkyRecon Systems® (www.skyrecon.com), the premier provider of integrated, proactive endpoint security solutions, today announced that its Research & Development team discovered the Windows GDI+ PNG Heap Overflow Vulnerability (CVE-2009-2501). Microsoft was quick to release a patch yesterday. SkyRecon's StormShield automatically protects systems against these vulnerabilities.

A remote code execution vulnerability exists in the way that GDI+ allocates memory. The vulnerability could allow remote code execution if a user opens a specially crafted PNG image file. An attacker who successfully exploits this vulnerability could take complete control of an affected system.

"We continue to focus on building leading-edge unified endpoint client security solutions for our customers to help them secure their Windows operating environment, and therefore strive to provide Microsoft with information we uncover to increase the overall security posture of their operating systems and related applications," said Yann Torrent, R&D Director at SkyRecon Systems Inc.

"During our ongoing security research and development, designed to deliver the most effective and relevant security measures available for the Windows operating environment, we found this vulnerability exposed, which could be used to gain control of the affected system," said Torrent.

Microsoft rated this security update as "Critical" for all supported editions of Windows XP and Windows Server 2003; Windows Vista and Windows Vista Service Pack 1; Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1; Windows Server 2008 for 32-bit Systems, Windows Server 2008 for x64-based Systems, and Windows Server 2008 for Itanium-based Systems; Microsoft Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4, SQL Server 2000 Reporting Services Service Pack 2, all supported editions of SQL Server 2005, Microsoft Report Viewer 2005 Service Pack 1 Redistributable Package, Microsoft Report Viewer 2008 Redistributable Package, and Microsoft Report Viewer 2008 Redistributable Package Service Pack 1.

Information on Microsoft Security Bullet MS09-062 can be found at: http://www.microsoft.com/technet/security/Bulletin/MS09-062.mspx (Accredited to Thomas Garnier of SkyRecon Systems.)

To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, visit http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2501

About StormShield Security Suite

StormShield Security Suite is a unified endpoint security, data protection, and access control solution. It has been developed with the specific intention of bringing together the operational continuity requirements of the business and its IT systems, with the need to properly protect those operations using a single-sourced range of protection facilities.

About SkyRecon Systems Inc.

Founded in 2003, SkyRecon Systems is a leading global provider of endpoint protection platforms. With its award-winning endpoint security solutions, organizations are able to ensure protection and enforce policy for endpoint systems, applications, data and users upon which their business relies. The company is a contributing member of the SecureIT Alliance, has received the prestigious Red Herring 100 Award, and has been named "Entrepreneurial Security Company of the Year" by Frost & Sullivan.

More information about SkyRecon can be obtained by visiting www.skyrecon.com or by calling (877) 220-4178.

SkyRecon, the SkyRecon logo and StormShield are registered trademarks of SkyRecon Systems Inc. All other product or service names are the property of their respective owners.

Contact Information: Press Contact: Sean Martin, CISSP smartin@skyrecon.com (877) 220-4178