SOURCE: SkyRecon Systems

December 14, 2007 10:58 ET

SkyRecon Identifies Microsoft Vista Vulnerability

SkyRecon Research Team Provides Information Leading to Patch of Vista Flaw

SAN JOSE, CA--(Marketwire - December 14, 2007) - SkyRecon Systems, the premier provider of unified endpoint security solutions, today announced that its research team uncovered an elevation of privilege vulnerability CVE-2007-5350 in the Microsoft® Windows® Vista™ operating system.

"Windows Vista includes many new enhancements and features which improve the overall operating system security," said Thomas Garnier, Senior Research Engineer at SkyRecon Systems, Inc. "During our ongoing research in the Windows Vista kernel and the ALPC interface, we found an important vulnerability which could be used to gain privilege and then execute code in the Vista kernel."

Affecting the kernel in both the 32-bit and 64-bit versions of Windows Vista, the identified vulnerability could allow an attacker to take complete control of the affected system. The attacker could use their increased privileges to install programs; view, modify, erase, or remove data; or even create new accounts that possess full administrative rights to the system, applications, and data.

More information regarding the vulnerability and Microsoft Security Bulletin can be found at:

Microsoft Security Bulletin MS07-066 - Important Vulnerability

"Vulnerability research is a critical component in designing generic, effective, and efficient layers of protection," said Yann Torrent, Director of Research and Development at SkyRecon Systems, Inc. "At SkyRecon Systems, our research team aims to understand each Windows component in order to identify possible threats such that comprehensive protections can be built within our unified endpoint protection solution."

SkyRecon's StormShield uses multiple protection layers to address every aspect of endpoint and data protection and does so through a single, lightweight agent. As the industry's first unified endpoint protection solution to integrate behavioral-based host intrusion prevention with device control and content encryption, StormShield provides real-time defenses designed to protect an organization's endpoints and the critical business data that resides on them -- without the need for patches or signatures.

About SkyRecon Systems, Inc.

SkyRecon Systems is a premier global provider of system and data security solutions. With its multi-layered approach, SkyRecon's StormShield Unified Endpoint Protection solution delivers the industry's first integrated endpoint security product to provide single-agent protection for endpoint operating systems, applications, and sensitive data. SkyRecon's patented technologies meet the market's current and future requirements for protecting their networked and mobile PCs, offering the only lightweight security agent to deliver integrated device control, secure content encryption, application control, intrusion prevention, system firewall, network access control (NAC), with centralized dynamic policy management and enforcement.

SkyRecon Systems is also a contributing member of the SecureIT Alliance. For more information, please visit: http://secureitalliance.org/blogs/Skyrecon_Systems/Default.aspx.

SkyRecon Systems, Inc., 2033 Gateway Place, Suite 500, San Jose, CA 95110.

Tel. (877) 239 3057. www.skyrecon.com.

Contact Information