Determina Announces Immediate Availability of Protection from Critical Microsoft Zero-Day Vulnerability

Business Wire, Sept 29, 2006

Free VPS Shield to Provide Protection from All Exploits against Vulnerability without Changing System Files, Configuration, or Functionality

REDWOOD CITY, Calif. -- Determina[R] Inc. today announced that it is making a free VPS Shield available for the latest Microsoft zero-day vulnerability announced on September 28, 2006. This vulnerability does not have a vendor patch available, potentially exposing customers to attacks that exploit this zero-day vulnerability.

The previous VPS Shield that Determina produced for the WMF vulnerability was a huge success. Thousands of individuals and enterprises downloaded and deployed the Shield, which can be installed directly onto an affected system without any modifications to critical Windows files, configuration, or functionality. Once the patch is available and the user deploys it on their system, Determina VPS automatically detects the patch and no longer applies the Shield. Determina intends to continue to deliver free shields when there are critical zero-day outbreaks for which there are no patches available.

Determina customers who have the Vulnerability Protection Suite (VPS) are not threatened by these vulnerabilities and have true "zero-day" threat protection from any attacks.

Third-party patches - yes, there is a difference

Unlike other so called "third-party patches" available from other vendors and researchers, Determina's Shields do not modify any system files or configuration of a system, and do not disable any critical system functionality on the affected system. In some cases, "patches" from other vendors can result in permanent modification to the system, making it hard or impossible to revert back to the original system configuration when the "patch" is removed.

Determina's Shields are also based on the vulnerability itself, and not on any specific attack vector. Therefore, any malware that utilizes these vulnerabilities to infect a system will be stopped, even if the attacker changes the attack. Unlike other attack-oriented security products from other vendors, Determina VPS is the only system that provides customers with true "vulnerability protection" that directly fixes the vulnerability in the code itself.

"Users remain vulnerable to these zero-day vulnerabilities until Microsoft releases a patch. Today's anti-virus and anti-spyware products are already known to be ineffective in preventing attackers from compromising systems using "drive-by" and other techniques - the signatures simply cannot keep up with the large number of malware variants," said Sandy Wilbourn, VP of Engineering and Customer Support, Determina.

Free downloadable fix available

As reported in a Sept. 28, 2006 Determina Security Advisory, a remote code execution vulnerability exists in the Internet Explorer WebViewFolderIcon ActiveX control that could allow remote attackers to hijack an affected system to execute malicious code or install spyware. Determina's VPS Memory Firewall, by default, protects users against code execution that may result from exploitation of the memory corruption based vulnerabilities reported in this advisory. The full advisory is available at http://www.determina.com/security_center/security_advisories/ securityadvisory_0day_09282.asp. (Due to its length, this URL may need to be copied/pasted into your Internet browser's address field. Remove the extra space if one exists.)

Determina has also released a free, downloadable Shield to the general public. This standalone Shield for Internet Explorer will prevent this critical vulnerability from being exploited until Microsoft is able to issue a patch. Desktop users without proactive protection against vulnerability exploits may consider installing this Shield if they believe they might have exposure to web-based attacks.

The Shield can be downloaded from Determina's Security Research website at http://www.determina.com/security.research/. The Shield applies to all currently known affected versions of Windows. The Shield fixes the flawed code in memory when a vulnerable version of the ActiveX control in Internet Explorer is running, without affecting the installation of the web browser on disk or disabling any browser functionality. It should also not interfere with the installation of a Microsoft patch when one becomes available.

Determina Vulnerability Protection Suite (VPS): Real-Time Vulnerability Protection

Determina VPS' unique ability to protect against 100 percent of critical Windows vulnerabilities has earned positive reviews in leading publications, including InfoWorld, PC Magazine, and Secure Enterprise. The company also received the InfoWorld 2005 Innovators Award for its pioneer work in mitigating critical Windows vulnerabilities.

Unlike attack-oriented security technologies, vulnerability protection offers customers the ability to comprehensively address the security and operational issues around security and patching. The Determina VPS suite offers comprehensive vulnerability protection though its two products: Memory Firewall[TM], which provides proactive, zero-day protection for the most dangerous class of vulnerabilities, and LiveShield[TM], which provides precise vulnerability protection in real-time.