TippingPoint Delivers Preemptive Protection for Latest Round of Microsoft Vulnerabilities

TippingPoint Delivers Preemptive Protection for Latest Round of Microsoft Vulnerabilities

AUSTIN, Texas, Feb. 8 /PRNewswire-FirstCall/ -- TippingPoint, a division of 3Com (NASDAQ:COMS) and the leader in intrusion prevention, today announced its suite of Intrusion Prevention Systems (IPS) provide same-day protection for vulnerabilities disclosed by Microsoft today in the following advisories ranked critical and important: MS05-005, MS05-006, MS05-007, MS05-008, MS05-009, MS05-010, MS05-012, MS05-013, MS05-014, MS05-015.

The new vulnerability filters, developed by TippingPoint's Digital Vaccine team and distributed through TippingPoint's Digital Vaccine service, protect against zero-day attacks that attempt to exploit the announced vulnerabilities. Because of the extensive breadth and depth of TippingPoint's Digital Vaccine coverage, TippingPoint's IPS's already had existing protection for many of the vulnerabilities, which were covered through pre-existing security filters for issues disclosed publicly through other sources. TippingPoint's new filters, also known as Virtual Software Patches, were distributed to customers today after extensive accuracy and performance testing.

"Our world-class Digital Vaccine service is able to rapidly deliver pre- exploit, vulnerability protection to our customers faster than any other IPS," said TippingPoint's Chief Technology Officer Marc Willebeek-LeMair. "This rapid response is crucial in light of the shrinking window of time it takes for exploits to emerge."

The vulnerabilities that TippingPoint's IPS protects include:

(1) MS05-005
Office XP Vulnerability - CAN-2004-0848
(Rating: Critical)

(2) MS05-006
SharePoint Cross-site Scripting and Spoofing Vulnerability -
CAN-2005-0049
(Rating: Moderate)

(3) MS05-007
Windows Named Pipe Vulnerability - CAN-2005-0051
(Rating: Important)

(4) MS05-008
Drag-and-Drop Vulnerability - CAN-2005-0053
(Rating: Important)

(5) MS05-009
PNG Processing Vulnerability - CAN-2004-1244, CAN-2004-0597
(Rating: Critical)

(6) MS05-010
License Logging Service Vulnerability - CAN-2005-0050
(Rating: Critical)

(7) MS05-012
OLE Input Validation Vulnerability - CAN-2005-0044
(Rating: Critical)

(8) MS05-013
DHTML Editing Component ActiveX Control Cross Domain Vulnerability -
CAN-2004-1319
(Rating: Critical)

(9) MS05-014
-- Drag and Drop Vulnerability - CAN-2005-0053
(Rating: Important)

-- URL Decoding Zone Spoofing Vulnerability - CAN-2005-0054
(Rating: Critical)

-- DHTML Method Heap Memory Corruption Vulnerability - CAN-2005-0055
(Rating: Critical)

-- Channel Definition Format (CDF) Cross Domain Vulnerability -
CAN-2005-0056
(Rating: Moderate)

(10) MS05-015
Hyperlink Object Library Vulnerability - CAN-2005-0057
(Rating: Critical)



(11) Re-released: MS04-035 - CAN-2004-0840 - This CRITICAL advisory regarding a vulnerability in SMTP was updated to include Exchange 2000 as an additional affected application. TippingPoint's pre-existing vulnerability filter for this issue did not have to be updated as it already offers preemptive protection in spite of the updated information.

For more information on the Microsoft vulnerabilities, visit: http://www.microsoft.com/technet/Security/default.mspx

TippingPoint's Intrusion Prevention Systems provide Application Protection, Performance Protection and Infrastructure Protection at gigabit speeds through total packet inspection. Application Protection capabilities provide fast, accurate, reliable protection from internal and external cyber attacks. Through its Infrastructure Protection capabilities, TippingPoint's IPS protects VoIP infrastructure, routers, switches, DNS and other critical infrastructure from targeted attacks and traffic anomalies. TippingPoint's Performance Protection capabilities enable customers to throttle non-mission critical applications that hijack valuable bandwidth and IT resources, thereby aligning network resources and business-critical application performance.

About TippingPoint, a division of 3Com

TippingPoint, a division of 3Com, is the leading provider of network-based intrusion prevention systems that deliver in-depth Application Protection, Infrastructure Protection, and Performance Protection for corporate enterprises, government agencies, service providers and academic institutions. Our innovative approach offers customers unmatched network-based security with unrivaled economics, ultra-high performance, scalability and reliability. TippingPoint is based in Austin, Texas, and can be contacted through its Web site at http://www.tippingpoint.com/ or by telephone at 1-888-TRUE-IPS.

About 3Com Corporation

3Com is a leading provider of secure, converged voice and data networking solutions for enterprises of all sizes. 3Com offers a broad line of innovative products backed by world class sales, service and support, which excel at delivering business value for its customers. When customers exercise choice, their choice is 3Com. For further information, please visit http://www.3com.com/ , or the press site http://www.3com.com/pressbox .

3Com, the 3Com logo, TippingPoint Technologies, the TippingPoint logo and Digital Vaccine are registered trademarks and Exercise Choice is a trademark of 3Com Corporation. All other company and product names may be trademarks of their respective holders.

CONTACT:
Laura Craddick
512.681.8441
lcraddick@tippingpoint.com


Source: TippingPoint Technologies

CONTACT: Laura Craddick of TippingPoint Technologies, +1-512-681-8441,
or lcraddick@tippingpoint.com

Web site: http://www.tippingpoint.com/
http://www.microsoft.com/technet/Security/default.mspx
http://www.3com.com/
http://www.3com.com/pressbox


-------
Profile: intent