TippingPoint Preemptively Protects Customers Against Critical Microsoft Vulnerabilities

TippingPoint Preemptively Protects Customers Against Critical Microsoft Vulnerabilities

AUSTIN, Texas, Jan. 11 /PRNewswire-FirstCall/ -- TippingPoint Technologies, Inc. (NASDAQ:TPTI), the leader in intrusion prevention, today announced that its UnityOne(TM) Intrusion Prevention Systems (IPS) preemptively protected customers from all critical vulnerabilities disclosed by Microsoft today in the following advisories: MS05-001 and MS05-002.

For the last month, TippingPoint's UnityOne has been the only method of network protection for these vulnerabilities prior to the release of a patch from Microsoft today, and was the only IPS that protected customers from the resulting exploit, Trojan.Phel.A.

TippingPoint's UnityOne systems were equipped with vulnerability filters for these security holes in December when TippingPoint's Virtual Software Patches were developed and distributed through the Digital Vaccine Service within 12 hours of the vulnerabilities being made public through research organizations not related to Microsoft and prior to the discovery of the exploit known as Trojan.Phel.A.

"Through the hard work and research of our Digital Vaccine team, TippingPoint has consistently delivered vulnerability protection more efficiently, effectively, and accurately than any other IPS," said TippingPoint's Chief Technology and Strategy Officer Marc Willebeek-LeMair. "To protect these vulnerabilities within hours of being discovered, it requires painstaking research, in-depth understanding of the threat and an IPS engine powerful enough to support accurate filters that precisely identify malicious traffic without impacting performance."

As soon as a new vulnerability is discovered, the Digital Vaccine research team works quickly to ensure that its filters are timely, accurate, and comprehensive. In 2004, the average time for TippingPoint to deliver vulnerability filters to customers was within 48 hours after the discovery of a critical vulnerability, which precedes an exploit or worm. UnityOne systems are updated with the Digital Vaccine service on a continuous basis so customers have zero-day protection in advance of a worm or automated exploit.

The critical vulnerabilities that TippingPoint's UnityOne protects include:

MS05-001 - CAN-2004-1043 -- A vulnerability exists in the HTML Help ActiveX control in Windows that could allow an attacker to run any program of his choosing by enticing a user to visit a malicious web page.

MS05-002 - CAN-2004-1049 -- An overflow exists in the Windows Load Image API that can be exploited simply by enticing a victim to view a specially crafted icon, cursor, or bitmap file in a Web page or e-mail.

To read about TippingPoint's zero-day protection of these vulnerabilities, click: http://www.tippingpoint.com/pdf/press/2004/MSChVul_122804.pdf

For more information on the Microsoft vulnerabilities, click here: http://www.microsoft.com/technet/Security/default.mspx

TippingPoint's UnityOne Intrusion Prevention System provides Application Protection, Performance Protection and Infrastructure Protection at gigabit speeds through total packet inspection. Application Protection capabilities provide fast, accurate, reliable protection from internal and external cyber attacks. Through its Infrastructure Protection capabilities, UnityOne protects VoIP infrastructure, routers, switches, DNS and other critical infrastructure from targeted attacks and traffic anomalies. UnityOne Performance Protection capabilities enable customers to throttle non-mission critical applications that hijack valuable bandwidth and IT resources, thereby aligning network resources and business-critical application performance.

About TippingPoint

TippingPoint is the leading provider of network-based intrusion prevention systems that deliver in-depth Application Protection, Infrastructure Protection, and Performance Protection for corporate enterprises, government agencies, service providers and academic institutions. Our innovative approach offers customers unmatched network-based security with unrivaled economics, ultra-high performance, scalability and reliability. TippingPoint is based in Austin, Texas, and can be contacted through its Web site at http://www.tippingpoint.com/ or by telephone at 1-88UNITYONE.

TippingPoint Technologies, the TippingPoint logo, UnityOne, the UnityOne logo and Digital Vaccine are registered trademarks of TippingPoint.

Forward-looking Statements

This press release contains various forward-looking statements and information that are based on TippingPoint's belief, as well as assumptions made by and information currently available to TippingPoint. When used in this press release, words such as "anticipate," "think," "project," "expect," "plan," "goal," "forecast," "intend," "could," "believe," "may," and similar expressions and statements regarding TippingPoint's plans and objectives for future operations, are intended to identify forward-looking statements. Although TippingPoint believes that such expectations reflected in such forward-looking statements are reasonable, TippingPoint cannot give assurances that such expectations will prove to be correct. These forward-looking statements are subject to certain risks, uncertainties and assumptions. Should one or more of these risks or uncertainties materialize, or should underlying assumptions prove incorrect, actual results may vary materially from those anticipated, estimated or projected. The key factors that could cause actual results to differ materially from those in the forward-looking statements include, but are not limited to, the following: TippingPoint's limited operating history in the network security industry; the level of demand for TippingPoint's products; reliance on distribution channels through which TippingPoint products are sold; the volume and timing of orders for TippingPoint's products; product and price competition; the availability of component parts of TippingPoint's products; reliance on third party manufacturers to produce TippingPoint products; long sales and implementation cycles for TippingPoint products; TippingPoint's ability to retain and attract key personnel; TippingPoint's ability to develop or introduce new products or product enhancements; reliance on certain licensed third party technology to produce TippingPoint products; TippingPoint's ability to protect its intellectual property and to avoid costly litigation relating to its intellectual property; TippingPoint's ability to predict its manufacturing requirements accurately; risks relating to TippingPoint's expansion internationally; downturns in the network security and related markets; undetected product errors or defects; public perception of TippingPoint's products in the event of a security breach of one of its customer's networks; and litigation relating to the failure of one of TippingPoint's products. These and other risks and assumptions are described in TippingPoint's reports that are available from the United States Securities and Exchange Commission. TippingPoint has no obligation to publicly update or revise any forward- looking statement, whether as a result of new information, future events or otherwise.

CONTACT:
Laura Craddick
512-681-8441
lcraddick@tippingpoint.com


Source: TippingPoint Technologies, Inc.

CONTACT: Laura Craddick of TippingPoint Technologies, Inc.,
+1-512-681-8441, or lcraddick@tippingpoint.com

Web site: http://www.tippingpoint.com/
http://www.tippingpoint.com/pdf/press/2004/MSChVul_122804.pdf
http://www.microsoft.com/technet/Security/default.mspx


-------
Profile: intent