eEye Digital Security Announces Availability of Free Vulnerability Scanner Following Discovery of Exploit Code for Critical CA Vulnerabilities

Business Wire, March 9, 2005

ALISO VIEJO, Calif. -- eEye Customers with Blink Already Protected Against Critical Vulnerabilities

eEye(R) Digital Security, a leading network security software company enabling businesses to protect and manage their network infrastructure, today announced the availability of a free vulnerability scanner for both its customers and security administrators worldwide. This free vulnerability scanner, which is based on eEye's industry-leading Retina(R) Network Security Scanner, is designed to identify machines vulnerable to attack due to the critical security flaws discovered within Computer Associates' (NYSE:CA) License Management software on Wednesday, March 2, 2005. Since that announcement, verified exploit code has been discovered, providing a point of entry for any worm and/or virus designed to take advantage of CA's vulnerabilities. More importantly, it has become clear that anyone that has ever evaluated CA software could potentially be at risk. Even if the program was removed manually, the License Manager code that includes the vulnerabilities could potentially still be on the machine, thus enabling an attacker to take control of the system remotely.

"This is another example of how the window of opportunity for remediating unpatched machines continues to shrink -- often to a few hours or less," said Firas Raouf, chief operating officer of eEye Digital Security. "The CA flaws are particularly tricky, as even those that diligently removed any CA products they may have evaluated are still at risk. eEye predicts that exploits targeting vulnerabilities within cross-platform enterprise software such as CA's will continue to rise as attackers seek new means to disrupt business. As a result, we remain focused on providing IT with enterprise-ready solutions to mitigate these types of risk and ensure business continuity."

These vulnerabilities enable an attacker to remotely execute code within the SYSTEM context, thus allowing them to take complete control of an affected system. The Computer Associates License Management software allows for the remote management and tracking of software licenses. The exploit code, which was discovered yesterday, has been verified by eEye's world-class research team as valid. Organizations that have deployed Retina have been able to scan for CA vulnerabilities since the announcement on March 2, 2005. Additionally, those organizations that have deployed Blink(R), eEye's award-winning endpoint security software, are already protected from this exploit and can postpone patching to regularly scheduled maintenance cycles.

The free vulnerability scanner designed to detect vulnerable machines is based on Retina, eEye's industry-leading network security scanner. As a result, enterprises are guaranteed the scans are non-intrusive and do not require administrative rights, thus enabling IT departments to scan their entire network without any business disruption. In order to download the free vulnerability scanner, as well as for further information and a technical description of the exploit and the associated vulnerabilities, please visit: http://www.eeye.com/html/resources/newsletters/update/OA20050309.html

About Retina

eEye's Retina Network Security Scanner identifies known security vulnerabilities and assists in prioritizing threats for remediation. Featuring fast, accurate, and non-intrusive scanning and the industry's most comprehensive vulnerability database, users are able to secure their networks against even the most recently discovered vulnerabilities. Retina has been recognized as the most accurate network scanner, while also being one of the easiest to implement and use. eEye's Retina is also the only network vulnerability scanner that can perform the majority of its scans without administrative rights, thus ensuring that global enterprises can quickly and easily secure their networks.

More than just a scanner, the Retina Enterprise Suite also provides workflow integration that gives enterprises the means to institutionalize protection strategies that will keep their businesses running. While many vulnerability assessment technologies can identify threats, this information is usually delivered to IT and security departments overwhelmed with other responsibilities and no means to delegate remediation tasks in an organized fashion. Retina offers not only vulnerability assessment, but remediation, patch automation and sophisticated workflow integration that allows IT and security departments to work together effectively to optimize resources and mitigate threats. For more information on Retina Network Security Scanner please visit: http://www.eeye.com/html/Products/Retina/

About Blink

Designed to be implemented on individual assets such as servers, PCs and laptops, Blink is the first endpoint product to combine multiple layers of security technologies to protect enterprises from zero-day attacks that leverage yet unknown vulnerabilities within enterprise networks. This comprehensive security solution allows enterprises to defer patching vulnerable machines until regularly scheduled maintenance cycles, thereby saving millions of dollars in business disruption and the associated IT resource drain caused by "panic" patching. Additionally, Blink eliminates the problem of so-called "socially engineered" security threats in which hackers trick individuals into downloading malware or otherwise making their own machines vulnerable to attack. As a result, Blink uniquely protects assets from vulnerabilities, as opposed to only thwarting attacks. For more information on Blink please visit: http://www.eeye.com/html/Products/Blink/