Contact Information: Press Contact: Sean Martin, CISSP smartin@skyrecon.com (949) 878-0592
SkyRecon Identifies Two Kernel-Level Windows Vulnerabilities
SkyRecon Research Provides Information Leading to Important Patch of the Windows Kernel
| Source: SkyRecon Systems
SAN JOSE, CA--(Marketwire - October 14, 2008) - SkyRecon® Systems (www.skyrecon.com), the
premier provider of integrated, proactive endpoint security solutions,
today announced that its research team has uncovered two kernel-level
vulnerabilities -- CVE-2008-2252 and
CVE-2008-3464 -- both located in multiple versions of the Microsoft®
Windows® operating system.
The Microsoft Windows kernel is the virtual interface between the hardware
and the operating system, providing administrative control over multiple
subsystems, processes, and memory. Some of the subsystems are designed run
within the kernel space, providing direct access to the other kernel-level
services directly through the operating system layer. Compromise of the
kernel via one of the kernel-level subsystems could expose the system to
further compromise, such as a root-kit injection that could lead to
hi-jacking and remote control of the endpoint.
"These are two important vulnerabilities that our research team has
identified and that are being patched this month," said Thomas Garnier,
Senior Research Engineer at SkyRecon Systems. "During our ongoing security
research of the Windows kernel environment and our passionate desire to
protect the Windows business environment, we found these two important
vulnerabilities which could be used to increase privileges for the
compromised subsystem, effectively granting local access to every component
of the system -- both hardware and software."
Both vulnerabilities -- CVE-2008-2252 and
CVE-2008-3464 -- affect the kernel in the following 32-bit, 64-bit, and
Itanium versions of the Windows Operating systems: Windows XP Professional,
Windows 2000 Server, and Windows 2003 Server. Vulnerability
CVE-2008-2252 affects Windows Vista as well.
CVE-2008-2252 is located in the graphical kernel interface.
CVE-2008-3464 is located in the network kernel interface subsystem
areas. If exploited, either vulnerability could allow for a local
escalation of privilege, and ultimately, system compromise.
More information regarding the vulnerabilities and the Microsoft Security
Bulletin can be found at:
-- Microsoft Security Bulletin MS08-003 - Important
Vulnerability, Accredited to Thomas Garnier, SkyRecon Systems
-- Microsoft Security Bulletin MS08-003 - Important
Vulnerability, Accredited to Fabien Le Mentec, SkyRecon Systems
SkyRecon's partnership with Microsoft and its ongoing and recent vulnerability research, enable the
innovative endpoint security vendor to be proactive in responding to the
customer need for an endpoint security solution that proactively protects
the system and data from compromise while not eating up their precious
hardware and IT staff resources.
StormShield Security Suite provides real-time protection from both
identified and zero-day attacks. The comprehensive, proactive protection is
delivered through a multi-layered, light-weight single endpoint protection
platform, providing integrated endpoint policy control and enforcement for:
host-based intrusion prevention (HIPS), system firewall,
anti-virus/anti-spyware, application control, device control, data
encryption, wireless security, and network access control (NAC).
About SkyRecon Systems Inc.
Founded in 2003, SkyRecon Systems is a leading global provider of endpoint
protection platforms. With its award-winning single-policy endpoint
security solutions, organizations are able to ensure protection and enforce
policy for the endpoint systems, applications, data and users upon which
their business relies. The company is a contributing member of the SecureIT
Alliance, has received the prestigious Red Herring 100 Award, and has been
named "Entrepreneurial Security Company of the Year" by Frost & Sullivan.
StormShield has again received 4 stars in the SC Magazine Endpoint Security
Group Test, has been nominated as a finalist for the SC Awards magazine in
the US Best Mobile Device Security Solution category and the 2008
TechWorld.com Awards in the Endpoint Security Product of the Year category,
and was also recently selected as a top 10 vendor for the 2008 Computer
Reseller News list of Emerging Tech Vendors You Need to Know.
More information about SkyRecon can be obtained by visiting
www.skyrecon.com, attending an educational security webinar, or by calling (877)
239-3057.
SkyRecon, the SkyRecon logo, StormShield, and TradeShield are registered
trademarks of SkyRecon Systems Inc. All other product or service names are
the property of their respective owners.