TippingPoint Protects Customers Against New, Zero-Day Vulnerabilities in Windows

TippingPoint Protects Customers Against New, Zero-Day Vulnerabilities in Windows

AUSTIN, Texas, Dec. 28 /PRNewswire-FirstCall/ -- TippingPoint (NASDAQ:TPTI), the leader in intrusion prevention, today announced that its UnityOne(TM) Intrusion Prevention Systems offer preemptive, vulnerability- based protection against critical new vulnerabilities and exploits in Microsoft Windows announced late last week. "Trojan.Phel.A" was also discovered yesterday, and is already exploiting a vulnerability for which a patch has not yet been issued, making TippingPoint's UnityOne the only solution for network protection.

The most severe of the new Windows vulnerabilities includes an overflow in the Windows Load Image API, which can be exploited simply by viewing a specially crafted icon, cursor, or bitmap file in a Web page or e-mail. Also last week, a fully-functional remote code execution exploit was released for Internet Explorer, which bypasses the "Local Computer" zone security restrictions in Windows XP service pack 2 through the HTML Help ActiveX control. A variant of this code, Trojan.Phel.A, is malicious code distributed as an HTML file that emerged yesterday, only four days after the original exploit was made public. Exploitation of either issue could allow an attacker to run any program on the victim's computer with the victim's user privileges.

TippingPoint delivered vulnerability filters known as Virtual Software Patches(TM) through its automated Digital Vaccine Service to UnityOne users within 12 hours of the new Windows vulnerabilities being made public last Thursday, and prior to the discovery of Trojan.Phel.A. UnityOne systems are updated with the Digital Vaccine service on a continuous basis so customers have zero-day protection in advance of a worm or automated exploit.

"While many of our customers were on vacation and away from the office, their UnityOne systems were automatically updated with the latest protection against these new Windows vulnerabilities," said TippingPoint's Chief Technology and Strategy Officer Marc Willebeek-LeMair. "In addition to the inconvenient timing of the holidays, this round of vulnerability announcements was further exacerbated by the fact that there simply are no patches available yet. Intrusion prevention is the only network-based method of protection for these types of emerging zero-day threats."

TippingPoint's UnityOne Intrusion Prevention System provides Application Protection, Performance Protection and Infrastructure Protection at gigabit speeds through total packet inspection. Application Protection capabilities provide fast, accurate, reliable protection from internal and external cyber attacks. Through its Infrastructure Protection capabilities, UnityOne protects VoIP infrastructure, routers, switches, DNS and other critical infrastructure from targeted attacks and traffic anomalies. UnityOne Performance Protection capabilities enable customers to throttle non-mission critical applications that hijack valuable bandwidth and IT resources, thereby aligning network resources and business-critical application performance.

About TippingPoint

TippingPoint is the leading provider of network-based intrusion prevention systems that deliver in-depth Application Protection, Infrastructure Protection, and Performance Protection for corporate enterprises, government agencies, service providers and academic institutions. Our innovative approach offers customers unmatched network-based security with unrivaled economics, ultra-high performance, scalability and reliability. TippingPoint is based in Austin, Texas, and can be contacted through its Web site at http://www.tippingpoint.com/ or by telephone at 1-88UNITYONE.

TippingPoint Technologies, the TippingPoint logo, Virtual Software Patch, UnityOne, the UnityOne logo and Digital Vaccine are registered trademarks of TippingPoint.

Forward-looking Statements

This press release contains various forward-looking statements and information that are based on TippingPoint's belief, as well as assumptions made by and information currently available to TippingPoint. When used in this press release, words such as "anticipate," "think," "project," "expect," "plan," "goal," "forecast," "intend," "could," "believe," "may," and similar expressions and statements regarding TippingPoint's plans and objectives for future operations, are intended to identify forward-looking statements. Although TippingPoint believes that such expectations reflected in such forward-looking statements are reasonable, TippingPoint cannot give assurances that such expectations will prove to be correct. These forward-looking statements are subject to certain risks, uncertainties and assumptions. Should one or more of these risks or uncertainties materialize, or should underlying assumptions prove incorrect, actual results may vary materially from those anticipated, estimated or projected. The key factors that could cause actual results to differ materially from those in the forward-looking statements include, but are not limited to, the following: TippingPoint's limited operating history in the network security industry; the level of demand for TippingPoint's products; reliance on distribution channels through which TippingPoint products are sold; the volume and timing of orders for TippingPoint's products; product and price competition; the availability of component parts of TippingPoint's products; reliance on third party manufacturers to produce TippingPoint products; long sales and implementation cycles for TippingPoint products; TippingPoint's ability to retain and attract key personnel; TippingPoint's ability to develop or introduce new products or product enhancements; reliance on certain licensed third party technology to produce TippingPoint products; TippingPoint's ability to protect its intellectual property and to avoid costly litigation relating to its intellectual property; TippingPoint's ability to predict its manufacturing requirements accurately; risks relating to TippingPoint's expansion internationally; downturns in the network security and related markets; undetected product errors or defects; public perception of TippingPoint's products in the event of a security breach of one of its customer's networks; and litigation relating to the failure of one of TippingPoint's products. These and other risks and assumptions are described in TippingPoint's reports that are available from the United States Securities and Exchange Commission. TippingPoint has no obligation to publicly update or revise any forward- looking statement, whether as a result of new information, future events or otherwise.

CONTACT:
Laura Craddick
512-681-8441
lcraddick@tippingpoint.com


Source: TippingPoint

CONTACT: Laura Craddick of TippingPoint, +1-512-681-8441, or
lcraddick@tippingpoint.com

Web site: http://www.tippingpoint.com/


-------
Profile: intent