CyberGuard's Webwasher Jumps on Java Vulnerability; Vulnerability Via Sun's Java Virtual Machine Will Not Be Closed Short Term

Business Wire, Nov 23, 2004

BOCA RATON, Fla. -- A vulnerability in an application that is present on most desktop computers poses a significant security threat because it will not be closed by the usual Microsoft update process, according to security experts at Webwasher, a subsidiary of CyberGuard Corporation, (Nasdaq:CGFW), a provider of proven, intelligent, security solutions that protect business-critical assets at global 2,000 organizations and government entities worldwide. However, proactive filtering technology, which is included in the newest versions of Webwasher Content Security Management (CSM), protects users from the vulnerability discovered in Sun Microsystem's Java Virtual Machine (VM).

"Java VM is used extensively by many online services such as maps or chat portals," said Horst Joepen, CEO of CyberGuard's Webwasher subsidiary. "This vulnerability could have a major impact on most enterprises since even those with strict security policies do not usually forbid the download or use of Java."

Joepen explained that the vulnerability was available as a "proof of concept" code at this point and there had been no outbreak of a virus or worm as yet. But he added that once a vulnerability of this magnitude is exposed, it is usually not long before the vulnerability is exploited.

"Most PCs are vulnerable, since Java VM is downloaded when users try to access Web sites that check for a Java VM and then ask the user to automatically install it," Joepen said. "Since the Sun Java VM is not part of Windows, Microsoft patches won't help."

Joepen explained that Webwasher's proactive filtering offers protection against the Java VM vulnerability as well as against a class of "thinkable" virus attacks which use a similar approach. Proactive detection can replace hundreds or thousands of virus patterns that will need to be developed. It adds new schemes of attack to its proactive technology as vulnerabilities become known, instead of having to wait for a virus to hit and its pattern to be identified. Joepen pointed to two recent examples where proactive filtering protected customers from the first minute of a new attack:

--JPEG IE buffer overrun vulnerability (Sept. 12)

--Sober.I attack (Nov. 19)

Proactive filtering technology in Webwasher version 5.1 protects against malicious files and is part of Webwasher Antivirus and Webwasher Content Protection products.

About CyberGuard Corporation

CyberGuard Corporation (Nasdaq:CGFW) provides proven, intelligent, security solutions that protect business-critical information assets of Global 2,000 companies and government entities worldwide. The company's firewall/VPN, Total Stream Protection(TM), Global Command Center(TM) and Webwasher(R) product suites comprise a comprehensive, integrated security system, which offers highly adaptive, scalable solutions that intelligently guard against network intrusion and content-based vulnerabilities, detecting and eliminating security threats in real-time for performance optimization. CyberGuard has deployed more than 250,000 products in companies around the world to maintain the health and integrity of their enterprises. Headquartered near Boca Raton, Florida, the company has branch offices and training centers around the globe and can be located on the World Wide Web at http://www.cyberguard.com.

Forward-Looking Statement

This press release contains forward-looking statements that involve certain risks, uncertainties and factors, including without limitation, those described in the Company's filings with the Securities and Exchange Commission that may cause the Company's future actual results to materially differ from the Company's current expectations. The Company assumes no obligation to update any forward-looking statements.

CyberGuard(R) and Webwasher(R) are registered trademarks and Total Stream Protection(TM) and Global Command Center(TM) are trademarks of CyberGuard Corporation. All other trademarks are property of their respective owners.