Determina Announces Protection from Critical Microsoft Zero-Day Vulnerability

April 3, 2007; 03:14 AM
Determina® Inc. today announced that it is making a free VPS Shield available for the latest Microsoft animated cursor zero-day vulnerability. Determina originally discovered this vulnerability in December, 2006, and reported it to Microsoft. The Shield can be downloaded from Determina's Security Research website at: http://www.determina.com/security_center/zero_day.asp.

As reported in a March 29, 2007 Determina Security Advisory, there is a vulnerability in the Windows animated cursor processing code. Any web page, email or content that can load an animated cursor can allow an attacker to take advantage of the vulnerability and run arbitrary code on the users system. The full advisory is available at: http://www.determina.com/security_center/security_advisories/ securityadvisory_0day_032907.asp (The preceding URL may need to be copy/pasted into your internet browser's address field. Delete the extra space if one exists.)

Through its breakthrough vulnerability protection technology, Determina customers have been protected against this vulnerability even before it was discovered and reported. Currently, this vulnerability does not have a vendor patch available, potentially exposing customers to attacks that exploit this zero-day vulnerability.

Determina’s Shields are also based on the vulnerability itself, and not on any specific attack vector. Therefore, any malware that utilizes these vulnerabilities to infect a system will be stopped, even if the attacker changes the attack. Unlike other attack-oriented security products from other vendors, Determina VPS is the only system that provides customers with true “vulnerability protection” that directly fixes the vulnerability in the code itself. Other third-party fixes for this vulnerability do not fix the vulnerability, and may turn off core Windows functionality if applied.

About Determina

Determina® is the leading provider of Vulnerability Protection solutions for servers and desktops based on breakthrough technology developed at M.I.T. Determina Vulnerability Protection Suite™ (VPS™) is the only solution to address the root cause of attacks – the software vulnerabilities themselves. Through this unique approach, it is the only solution for continuous protection from the latest worms, malicious code, and directed attacks, eliminating the need for reactive security patching. VPS consists of two products providing complimentary vulnerability coverage: Memory Firewall®, which provides proactive, zero-day protection for the most dangerous class of vulnerabilities without the need for updates, and LiveShield®, which provides precise vulnerability protection in real-time.

Determina is headquartered in Redwood City, CA with development offices in Cambridge, MA. Determina VPS has been rapidly and broadly deployed by enterprise customers in industries demanding the highest level of security and availability.