SkyRecon Identifies Critical Vulnerability That Targets Windows Metafiles

SAN JOSE, CA--(Marketwire - April 8, 2008) - SkyRecon Systems, the premier provider of unified endpoint security solutions, today announced that its flagship product StormShield, blocks against a known vulnerability CVE-2008-1083 recently identified by the research engineers at SkyRecon. The vulnerability affects the based versions of the Microsoft® Windows® 2000, XP, 2003 Server, Vista and 2008 server operating systems.

"The identification of this vulnerability comes from our in-depth analysis of GDI media files format," said Thomas Garnier, Senior Research Engineer at SkyRecon Systems. "During our ongoing research various Windows file formats we found a critical vulnerability which could be used to remotely exploit Windows when user interaction is incorporated. If the vulnerability is exploited, there is a potential for remote code execution."

SkyRecon's StormShield Unified Client Security Solution provides multi-layered security integrated into single-agent protection with real-time defenses designed to protect an organization's endpoints and the sensitive data that resides on them.

Upon identification of the GDI heap overflow vulnerability, engineers at SkyRecon confirmed that StormShield detects and blocks attacks targeting the Microsoft vulnerability without the need for patches or changes in configuration. As this is a remotely exploitable vulnerability, organizations that rely only on perimeter security technologies are vulnerable to attack. More information regarding the vulnerability and Microsoft Security Bulletin can be found at:

-- Microsoft Security Bulletin MS08-021 - Critical Vulnerability

"Vulnerability research continues to be a critical component in designing generic, effective, and efficient layers of protection for both the system and confidential data," said Yann Torrent, Director of Research and Development at SkyRecon Systems, Inc. "As this vulnerability leaves both workstations and servers at risk, SkyRecon Systems is pleased to inform businesses around the world that our unified endpoint protection solution secures their critical business endpoint systems, protecting them from compromise leveraging StormShield's integrated buffer overflow protection."

StormShield offers integrated system and data protection layers in a single lightweight agent and single management console. Using only a few megabytes of memory footprint, StormShield's behavioral-based endpoint protection solution features integrated device control, data encryption, application control, host-based intrusion prevention (HIPS), system firewall, wireless security, and Network Access Control (NAC) -- a fraction of the size compared to other similar products in the market. Its agent provides zero-day protection without the need for signature or rule updates.

About SkyRecon Systems Inc.

Founded in 2003 in Paris and with US headquarters in San Jose, Calif., SkyRecon Systems is a provider of system and data security solutions. The company enjoys strategic partnerships with Microsoft and Juniper in support of its engineering and sales efforts. SkyRecon received the prestigious Red Herring 100 Award and has been named "Entrepreneurial Security Company of the Year" by Frost & Sullivan. In 2007 it received a Readers Trust finalist award by SC Magazine. More information on SkyRecon Systems can be found at www.skyrecon.com. SkyRecon Systems Inc., 2033 Gateway Place, Suite 500, San Jose, CA 95110. Tel. (877) 239 3057. www.skyrecon.com.

SkyRecon Systems is also a contributing member of the SecureIT Alliance. For more information, please visit: http://secureitalliance.org/blogs/Skyrecon_Systems/Default.aspx.

Contact Information: Press Contact: Sean Martin CISSP smartin@skyrecon.com (949) 878-0592