Internet Security Systems Discovers Critical Vulnerability In Microsoft Windows Plug And Play Service, Preemptively Protects Customers; Company Also Protects from Additional Microsoft Vulnerabilities
Business Wire, August 9, 2005
ATLANTA -- Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) today announced that the company's X-Force(R) Research and Development Team has discovered a critical vulnerability in the Windows Plug and Play service, and has delivered preemptive customer protection for this and other vulnerabilities announced today in Microsoft's monthly security bulletin.
Plug and Play is a Windows service designed to handle installation, configuration and notification of new devices. The flaw in Plug and Play discovered by X-Force is remotely exploitable in the default configuration of Windows 2000 and is present in all modern Windows operating systems. Currently, no exploits for this flaw are available to the public at large; however, ISS X-Force believes there is a probability that this vulnerability will be exploited as a worm, most likely in a targeted fashion, but also possibly as a broader worm attack against the Windows 2000 Operating System.
Successful exploitation of this vulnerability could be leveraged to gain complete control of target systems and might lead to malware installation, exposure of confidential information or further network compromise. Due to the widespread use of the affected operating systems and the critical nature of the component affected, it is likely that servers and desktops used for a wide variety of purposes are vulnerable to compromise.
ISS customers have been preemptively protected from this issue since March of this year.
Additional Vulnerabilities - ISS is also tracking and providing customers with preemptive protection for issues in two other Microsoft technologies prevalent in the Windows operating system. The first technology, the Windows Print Spooler service, is essential for both local and network printing and contains a remotely exploitable heap-based buffer overflow that could allow an attacker to fully compromise an affected machine without any user interaction. X-Force is also looking into issues in JPEG image parsing in Internet Explorer. These issues could also be used to remotely compromise a system with minimal user interaction if a user could be induced to view a malicious image.
Available Protection - Organizations that have deployed ISS products from the Proventia(R) Enterprise Security Platform or that use ISS Managed Security Services are preemptively protected against these threats. For additional information on affected infrastructure or on Microsoft's suggested methods of mitigating exposure, please visit: http://www.microsoft.com/technet/security/current.aspx.
For more information on Internet Security Systems(TM) preemptive protection offerings, please visit: http://www.iss.net/proof/preemptiveprotection/.
The full ISS X-Force advisory on Windows Plug and Play can be found at: http://xforce.iss.net/xforce/alerts/id/202.
The full ISS X-Force alert on today's Microsoft updates can be found at: http://xforce.iss.net/xforce/alerts/id/203.
About Internet Security Systems, Inc.
Internet Security Systems, Inc. (ISS) is the trusted expert to global enterprises and world governments, providing products and services that protect against Internet threats. An established world leader in security since 1994, ISS delivers proven cost efficiencies and reduces regulatory and business risk across the enterprise. ISS products and services are based on the proactive security intelligence conducted by ISS' X-Force(R) research and development team - the unequivocal world authority in vulnerability and threat research. Headquartered in Atlanta, Internet Security Systems has additional operations throughout the Americas, Asia, Australia, Europe and the Middle East. For more information, visit the Internet Security Systems Web site at www.iss.net or call 800-776-2362.
Internet Security Systems is a trademark and X-Force and Proventia are registered trademarks of Internet Security Systems, Inc. All other companies and products mentioned are trademarks and property of their respective owners.



