Stonesoft, an innovative provider of integrated network security and business continuity solutions, today announced that its StoneGate IPS (intrusion prevention system) provides efficient protection against the latest critical vulnerabilities that exist in Adobe Flash Player, Adobe Reader, Adobe Acrobat and Microsoft Windows. Due to Stonesoft's advanced next generation IPS capabilities, companies currently using the StoneGate IPS to protect their networks are not affected by these vulnerabilities.
According to the Adobe security advisory last updated on June 10th, the recent vulnerability (CVE-2010-1297) can cause the user's system to crash while potentially allowing an attacker to take control of the affected system. At that point, the user is coaxed to open a PDF document that contains malicious code. The code attacks the user client via a Web browser resulting in tremendous damage. This vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat. Similarly, in the Microsoft vulnerability, the user is led to download a web page, which then uses Windows' help program to break into the client. Upon successful exploitation, the remote attacker is able to execute arbitrary commands with the privileges of the user.
StoneGate IPS offers efficient protection against both of these critical vulnerabilities. The StoneGate IPS is capable of identifying and terminating the attacks when the web page or PDF document is opened and/or downloaded. The system can also stop emails that carry the PDF file as an attachment as well as prevent the downloading of any Adobe Flash content.
"These newest vulnerabilities are representative of the sophisticated, client-side attacks that have become increasingly common in the network. They also reiterate the need for solutions like the StoneGate IPS that automatically protect against these threats. In Adobe and Microsoft's case, the threats were disclosed and exploited before patches became available making it extremely difficult to protect hosts without external security devices," said Jeff Hajek, senior vice president of operations at Stonesoft, Inc.
For more information about Stonesoft's next generation IPS solutions, please visit www.stonesoft.com.
About Stonesoft
Stonesoft Corporation (NASDAQ OMX: SFT1V) delivers proven, innovative solutions that simplify network security management for even the most complex network environments. The StoneGate Platform unifies management of entire networks—including StoneGate and third-party devices—blending integrated threat management, end-to-end high availability and network optimization into a centrally controlled system. As a result, Stonesoft provides the highest levels of proactive control, always-on connectivity and compliance at the lowest total cost of ownership (TCO) on the market today. Founded in 1990, the company is an established leader in network security innovation with corporate headquarters in Helsinki, Finland and Americas headquarters in Atlanta, Georgia. For more information, visit www.stonesoft.com and http://stoneblog.stonesoft.com.
Contacts:
Stonesoft Corporation
Hannah Bower, 404-371-3989
hannah@bower-communications.com