SOURCE: SkyRecon Systems

January 09, 2008 09:41 ET

SkyRecon Blocks Vulnerability That Exploits Passwords Stored by Windows

SkyRecon Provides Single-Agent Protection for Endpoint Applications, Operating Systems, and Sensitive Data

SAN JOSE, CA--(Marketwire - January 9, 2008) - SkyRecon Systems, the premier provider of unified endpoint security solutions, today announced that its flagship product, StormShield, blocks against a known vulnerability CVE-2007-5352 recently identified by the research engineers at SkyRecon. The vulnerability affects the 32-bit, 64-bit, and Itanium-based versions of the Microsoft® Windows® 2000, XP, and 2003 Server operating systems.

"This is the second vulnerability that our research team has identified and reported to Microsoft in the past couple months," said Thomas Garnier, Senior Research Engineer at SkyRecon Systems. "During our ongoing research in the Windows LPC Interface, we found an important vulnerability which could be used to gain local elevated privilege and then execute code in the LSASS process -- a system account process which manages credentials in the Windows operating system. If the vulnerability is exploited, there is a potential for saved system-level passwords to be accessed by users that did not originally possess the proper credentials to access this sensitive information."

SkyRecon's StormShield is the first in the industry to provide a single-agent solution with real-time defenses designed to protect an organization's endpoints and the sensitive data that resides on them.

Upon identification of the LSASS vulnerability, engineers at SkyRecon confirmed that StormShield detects and blocks attacks targeting the Microsoft vulnerability without the need for patches or changes in configuration. As this is a local vulnerability, organizations that rely only on perimeter security technologies are vulnerable to attack. More information regarding the vulnerability and Microsoft Security Bulletin can be found at:

-- Microsoft Security Bulletin MS08-002 - Important Vulnerability

"Vulnerability research continues to be a critical component in designing generic, effective, and efficient layers of protection," said Yann Torrent, Director of Research and Development at SkyRecon Systems, Inc. "As this vulnerability leaves workstations and terminal servers at most risk, SkyRecon Systems is pleased that our unified endpoint protection solution protects these critical business endpoint systems from compromise using its integrated buffer overflow protection."

SkyRecon's StormShield uses multiple protection layers to comprehensively address endpoint and data protection and does so through a single, lightweight agent. As the industry's first unified endpoint protection solution to integrate behavioral-based host intrusion prevention with device control and content encryption, StormShield provides real-time defenses designed to protect an organization's endpoints and the critical business data that resides on them.

About SkyRecon Systems Inc.

SkyRecon Systems is the premier global provider of system and data security solutions. With its multi-layered approach, SkyRecon's StormShield Unified Endpoint Protection solution delivers the industry's first integrated endpoint security product to provide single-agent protection for endpoint operating systems, applications, and sensitive data. SkyRecon's patented technologies meet the market's current and future requirements for protecting their networked and mobile PCs, offering the only lightweight security agent to deliver integrated device control, secure content encryption, application control, intrusion prevention, system firewall, network access control (NAC), with centralized dynamic policy management and enforcement.

SkyRecon Systems is also a contributing member of the SecureIT Alliance. For more information, please visit: http://secureitalliance.org/blogs/Skyrecon_Systems/Default.aspx.

SkyRecon Systems Inc., 2033 Gateway Place, Suite 500, San Jose, CA 95110. Tel. (877) 239 3057. www.skyrecon.com.

Contact Information