contents

software
 
VPS Shield for the Latest MS Zero-day Vulnerability by Determina

Determina is making a free VPS Shield available for the latest Microsoft zero-day vulnerability announced on September 28, 2006. This vulnerability does not have a vendor patch available, potentially exposing customers to attacks that exploit this zero-day vulnerability.

The previous VPS Shield that Determina produced for the WMF vulnerability was a huge success. Thousands of individuals and enterprises downloaded and deployed the Shield, which can be installed directly onto an affected system without any modifications to critical Windows files, configuration, or functionality. Once the patch is available and the user deploys it on their system, Determina VPS automatically detects the patch and no longer applies the Shield. Determina intends to continue to deliver free shields when there are critical zero-day outbreaks for which there are no patches available.

Determina customers who have the Vulnerability Protection Suite (VPS) are not threatened by these vulnerabilities and have true "zero-day" threat protection from any attacks.

Determina's Shields do not modify any system files or configuration of a system, and do not disable any critical system functionality on the affected system. In some cases, "patches" from other vendors can result in permanent modification to the system, making it hard or impossible to revert back to the original system configuration when the "patch" is removed.

Determina's Shields are also based on the vulnerability itself, and not on any specific attack vector. Therefore, any malware that utilizes these vulnerabilities to infect a system will be stopped, even if the attacker changes the attack. Determina VPS is the only system that provides customers with true "vulnerability protection" that directly fixes the vulnerability in the code itself.

Determina has also released a free, downloadable Shield to the general public. This standalone Shield for Internet Explorer will prevent this critical vulnerability from being exploited until Microsoft is able to issue a patch. Desktop users without proactive protection against vulnerability exploits may consider installing this Shield if they believe they might have exposure to web-based attacks. The Shield can be downloaded from Determina's Security Research website. The Shield applies to all currently known affected versions of Windows. The Shield fixes the flawed code in memory when a vulnerable version of the ActiveX control in Internet Explorer is running, without affecting the installation of the web browser on disk or disabling any browser functionality. It should also not interfere with the installation of a Microsoft patch when one becomes available.

Determina VPS' unique ability to protect against 100 percent of critical Windows vulnerabilities has earned positive reviews in leading publications, including InfoWorld, PC Magazine, and Secure Enterprise. The company also received the InfoWorld 2005 Innovators Award for its pioneer work in mitigating critical Windows vulnerabilities.

Vulnerability protection offers customers the ability to comprehensively address the security and operational issues around security and patching. The Determina VPS suite offers comprehensive vulnerability protection though its two products: Memory Firewall, which provides proactive, zero-day protection for the most dangerous class of vulnerabilities, and LiveShield, which provides precise vulnerability protection in real-time.



write your comments about the article :: 2006 Computing News :: home page