www.arkoon.net

SkyRecon Security Research Team | Recent Vulnerability Activity

Vulnerability research has been, and continues to be, a critical component in designing generic, effective, and efficient layers of protection for the endpoint. At SkyRecon Systems, our research and development teams aim to understand how a system is utilized by humans, applications, network resources, and connected devices, allowing us to provide organizations with an endpoint security solution that enables secure business transactions as opposed to productivity-hindering controls. Our research and resulting StormShield Security Suite solution allow employees to securely and safely use their systems for business in lin e with operational and regulatory requirements.

15 Oct 2009 - » Windows GDI+ Heap Overflow Vulnerability
SkyRecon's Research & Development team discovered the Windows GDI+ PNG Heap Overflow Vulnerability (CVE-2009-2501).

A remote code execution vulnerability exists in the way that GDI+ allocates memory. The vulnerability could allow remote code execution if a user opens a specially crafted PNG image file. An attacker who successfully exploits this vulnerability could take complete control of an affected system.

Microsoft rated this security update as “Critical” for all supported editions of Windows XP and Windows Server 2003; Windows Vista and Windows Vista Service Pack 1; Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1; Windows Server 2008 for 32-bit Systems, Windows Server 2008 for x64-based Systems, and Windows Server 2008 for Itanium-based Systems; Microsoft Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4, SQL Server 2000 Reporting Services Service Pack 2, all supported editions of SQL Server 2005, Microsoft Report Viewer 2005 Service Pack 1 Redistributable Package, Microsoft Report Viewer 2008 Redistributable Package, and Microsoft Report Viewer 2008 Redistributable Package Service Pack 1.

Information on Microsoft Security Bullet MS09-062 can be found at: http://www.microsoft.com/technet/security/Bulletin/MS09-062.mspx (Accredited to Thomas Garnier of SkyRecon Systems.)

To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, visit http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2501

SkyRecon’s StormShield automatically protects systems against this vulnerability.

 
15 Jul 2009 - » Windows DirectShow Vulnerability - MS09-028
 
11 Mar 2009 - » Windows Kernel Handle Validation Vulnerability - MS09-006
 
15 Oct 2008 - » Windows Kernel Graphical Interface Vulnerability – MS08-061
 
15 Oct 2008 - » Windows Kernel Network Interface Vulnerability – MS08-066
 
8 Apr 2008 - » Windows GDI Media File Vulnerability – MS08-021
 
14 Feb 2008 - » Active Directory Vulnerability – MS08-003
 
9 Jan 2008 - » Windows LSASS Vulnerability – MS08-002
 
17 Dec 2007 - » Windows Vista Kernel ALPC Interface Vulnerability – MS07-066
 


For more information about StormShield's powerful endpoint protection and dynamic policy enforcement capabilities, be sure to visit http://skyrecon.com/stormshield.

StormShield integrated protection: USB Security | System Protection | Data Protection | Access Control | IT Compliance
top

 

inset

SkyRecon's StormShield endpoint protection solution is remarkably flexible when compared to other centrally managed endpoint protection solutions available today.

Matt Sarrel eWeek Magazine Contributing Editor, Executive Director Sarrel Group

bottom