Cyberoam UTM Appliances Protect Against Windows WMF Exploit
Released on = January 5, 2006, 2:02 am
Press Release Author = Madhuri Narayan
Industry = Software
Press Release Summary = Cyberoam CR and CX series of unified threat management appliances offer layered protection against the latest Windows .WMF vulnerability. Cyberoam’s anti-virus engine was one of the earliest to offer protection against the exploit. Its protection covers critical protocols like HTTP, SMTP, POP and IMAP, effectively containing threat entry. Secondly, administrators can take a proactive approach by blocking .WMF files, untrusted sites and P2P, IM file exchanges through Cyberoam content filtering.
Press Release Body = (Ahmedabad. India. 05 January 2006) Cyberoam CR and CX series of unified threat management appliances offer layered protection against the latest Windows vulnerability, announced Elitecore Technologies Limited. Attacks exploit the vulnerability in the way Windows handles .WMF graphic files, installing BOTs and Trojan Horses on user machines.
With dozens of sites already exploiting the vulnerability, the number can easily go into hundreds in the coming days. The threat is not limited to .WMF files alone. Other image files like .jpg, .bmp and more are affected too. The image can come embedded in word or other documents or other image file formats.
An attacker who successfully exploits this vulnerability can gain control of the user’s machine and gain access to confidential data or perpetrate further attacks.
“Cyberoam UTM appliances’ anti-virus engine was one of the earliest to offer protection against the threat with the addition to its signature database,” says Harish Chib, Vice-President - Marketing.
“Since the attack may enter using multiple methods like email attachments, websites, instant messaging, response too should take a blended approach. More importantly, it must cover all critical protocols.”
“The Cyberoam anti-virus engine offers protection over the critical protocols like HTTP, SMTP, POP and IMAP, effectively containing threat entry,” adds Chib. “Secondly, administrators can take a proactive approach by blocking .WMF files through Cyberoam content filtering.”
Cyberoam advises administrators to caution users against visiting untrusted and unfamiliar sites. P2P file sharing sites and file transfer over IM must be blocked until Microsoft offers a patch for the vulnerability. Strict policies to enforce these measures must be set up irrespective of the usual hierarchy and identity-based policies that Cyberoam enables.
For users with Google Desktop, Cyberoam recommends uninstalling the mechanism until Microsoft releases a patch since Google causes the exploit to function from anywhere on the system whether the user has accessed it or not.
Cyberoam is the next generation security appliance that offers identity recognition and management across firewall, VPN, anti-virus, anti-spam, IDP, content filtering, providing granular security over multiple ISP links through a single box.
In doing so, Cyberoam provides real-time enterprise protection from emerging threats like spyware, phishing, pharming, in addition to comprehensive protection against viruses, worms, Trojans and other attacks. In addition, it allows administrators to allocate dedicated bandwidth to applications like VoIP.
Cyberoam provides security to more than 500 corporates, educational institutes and government organizations worldwide.
About Elitecore Technologies Elitecore Technologies Limited is the global provider of unified threat management appliances that provide complete Internet security to enterprises. Elitecore offers comprehensive threat management, enhancing enterprise-level security, productivity and mobility. For more information, please visit www.cyberoam.com.
Media Contact Madhuri Narayan Manager – Corporate Communications madhuri@elitecore.com +91-79-26405600
Web Site = http://www.cyberoam.com/pressrelease_wmf_exploit.html
Contact Details = 904, Silicon Tower Behind Pariseema Building Off C G Road Ahmedabad - 380006 India Phone - +91-79-26405600 Fax - +91-79-26407640