Prnewsnow Reach the World NOW

↑ Grab this Headline Animator

Zero Day Exploit Advisory Secure Elements C5 Enterprise Vulnerability...



Secure Elements today announced that it has provided users of the C5 Enterprise Vulnerability Management suite with complete, automated remediation for the vulnerability associated with the zero day exploit disclosed in the last 24 hours. Customers of Secure Elements were notified of the vulnerability, exploit, and recommendation remediation actions last evening.



Critical Alert: Microsoft Internet Explorer "Msdds.dll" Remote Code Execution vulnerability



FrSIRT has released an exploit code for a critical vulnerability in Microsoft Internet Explorer 6.0, which allows remote attackers to execute arbitrary code and take complete control of an affected system. The issue is due to a memory corruption error that occurs when instantiating the "Msdds.dll" object as an ActiveX control. The vulnerability has been confirmed on Microsoft Internet Explorer 6.0 on Microsoft Windows XP Service Pack 2.



The Secure Elements Security Lab engineers believe that this exploit has a high probability to be used to create a worm or virus in the near future, and have classified the vulnerability as "Critical". While are not aware of a patch for this newly discovered vulnerability, one of our remediation countermeasures does mitigate this, and other, ActiveX based vulnerabilities and exploits that have no patch available.



C5 EVM users have been advised to deploy remediation SE-0002435 (Sets the Security level to "High" in Internet Explorer) immediately due to the imminent threat represented by this zero day exploit.



Products Effected:

-- Microsoft Internet Explorer 6.0

-- Microsoft Internet Explorer 6.0 SP1

-- Microsoft Internet Explorer 6.0 for Windows XP SP2



References:

-- http://www.frsirt.com/english/advisories/2005/1450

-- http://www.frsirt.com/exploits/20050817.IE-Msddsdll-0day.php



Enterprises or others may contact Secure Elements at 1-800-709-5011 to obtain more information or schedule discussions with expert sources from Secure Elements.



About Secure Elements



Secure Elements, an enterprise vulnerability management leader, automates security remediation strategies and tactics across the entire enterprise, reducing business risk and IT management costs while improving systems performance and maintaining business continuity. Protecting mission critical and network infrastructure assets from both known and unknown attacks without limiting operational performance, the company rapidly identifies and intelligently responds to complex and diverse security incidents. Using real-time threat intelligence data and analysis, Secure Elements provides administrators with optimal security control across the enterprise. Herndon, Va.-based Secure Elements serves organizations in the federal government and critical infrastructure markets, as well as Global 1000 corporations.



Contact:

Scott Armstrong

Secure Elements

Phone: (703) 709-5011

http://www.secure-elements.com






Prnewsnow Reach the World NOW

↑ Grab this Headline Animator

This article has been robotically scanned and tagged by Prnewsnow with the following search tags. No human manipulation of these tags take place.
| Groupwise | Messaging Architects | groupwise users upgrading |




Last 1000 Articles Submitted XML FEEDS FOR ORGANIZED NEWS