The vulnerability affects the based versions of the Microsoft® Windows® 2000, XP, 2003 Server, Vista and 2008 server operating systems.

“The identification of this vulnerability comes from our in-depth analysis of GDI media files format,” said Thomas Garnier, Senior Research Engineer at SkyRecon Systems. “During our ongoing research on various Windows file formats we found a critical vulnerability which could be used to remotely exploit Windows when user interaction is incorporated. If the vulnerability is exploited, there is a potential for remote code execution."

SkyRecon's StormShield Unified Client Security Solution provides multi-layered security integrated into single-agent protection with real-time defenses designed to protect an organization’s endpoints and the sensitive data that resides on them.

Upon identification of the GDI heap overflow vulnerability, engineers at SkyRecon confirmed that StormShield detects and blocks attacks targeting the Microsoft vulnerability without the need for patches or changes in configuration. As this is a remotely exploitable vulnerability, organizations that rely only on perimeter security technologies are vulnerable to attack. More information regarding the vulnerability and Microsoft Security Bulletin can be found at:
-- Microsoft Security Bulletin MS08-021 – Critical Vulnerability

“Vulnerability research continues to be a critical component in designing generic, effective, and efficient layers of protection for both the system and confidential data,” said Yann Torrent, Director of Research and Development at SkyRecon Systems, Inc. “As this vulnerability leaves both workstations and servers at risk, SkyRecon Systems is pleased to inform businesses around the world that our unified endpoint protection solution secures their critical business endpoint systems, protecting them from compromise leveraging StormShield’s integrated buffer overflow protection.”

StormShield offers integrated system and data protection layers in a single lightweight agent and single management console. Using only a few megabytes of memory footprint, StormShield’s behavioral-based endpoint protection solution features integrated device control, data encryption, application control, host-based intrusion prevention (HIPS), system firewall, wireless security, and Network Access Control (NAC) - a fraction of the size compared to other similar products in the market. Its agent provides zero-day protection without the need for signature or rule updates.