SkyRecon Systems, the premier provider of integrated, proactive endpoint security solutions, today announced that its research team has recently uncovered the kernel-level vulnerability CVE-2009-0082. This Windows kernel vulnerability, if exploited, could allow for a local elevation of privilege, and ultimately, compromise of both the system and its data.

The Microsoft Windows kernel is the core of the operating system. The kernel-level vulnerability affects all Microsoft Windows 2000 and newer versions of the operating system. Successful exploitation of the vulnerability could lead to the execution of arbitrary code in kernel mode, and allow for complete control to be taken of the affected system. An attacker could then install programs; view, change or delete critical data; and even create new accounts with administrative user rights.

“In addition to building leading-edge unified client security solutions to secure the Windows operating environment, our research and development team strive to provide Microsoft with information we uncover in order to strengthen the security of their operating systems and related applications,” said Yann Torrent, R&D Director at SkyRecon Systems Inc. “During our ongoing security research of the Windows kernel environment, we found that the kernel didn’t validate these handles properly, exposing this vulnerability that could be used to gain elevated privileges, allowing for unapproved access and control over the endpoint.”

More information regarding the vulnerabilities and the Microsoft Security Bulletin can be found at:
-- Microsoft Security Bulletin MS09-006 – Critical Vulnerability
   Accredited to Thomas Garnier, SkyRecon Systems

SkyRecon’s partnership with Microsoft and its ongoing and recent vulnerability research, enable the innovative endpoint security vendor to be proactive in responding to the customer need for an endpoint security solution that proactively protects the system and data from compromise while not eating up their precious hardware and IT staff resources.

StormShield Security Suite delivers proactive protection for the system and the data through its unique multi-layered, light-weight, single-agent endpoint protection platform, providing risk-based control and dynamic policy enforcement for: anti-virus/anti-spyware, device control, full-disk and file-based encryption, host-based intrusion prevention (HIPS), system firewall, application control, wireless security, and network access control (NAC).

About SkyRecon Systems Inc.
Founded in 2003, SkyRecon Systems is a leading global provider of endpoint protection platforms. With its award-winning endpoint security solutions, organizations are able to ensure protection and enforce policy for the endpoint systems, applications, data and users upon which their business relies. The company is a contributing member of the SecureIT Alliance, has received the prestigious Red Herring 100 Award, and has been named "Entrepreneurial Security Company of the Year” by Frost & Sullivan. StormShield has again received 4 stars in the SC Magazine Endpoint Security Group Test, has been nominated as a finalist for the SC Awards magazine in the US Best Mobile Device Security Solution category and the 2008 TechWorld.com Awards in the Endpoint Security Product of the Year category, and was also recently selected as a top 10 vendor for the 2008 Computer Reseller News list of Emerging Tech Vendors You Need to Know.

More information about SkyRecon can be obtained by calling (877) 220-4178.

#  #  #

Press Contact:
Sean Martin, CISSP
smartin@skyrecon.com
(949) 878-0592