Helsinki, Finland, 14 June 2010 – Stonesoft, an innovative provider of integrated network security
and business continuity solutions, has today announced that its StoneGate IPS (Intrusion Prevention
System) provides efficient protection against the latest critical vulnerability in Adobe Flash
Player, Adobe Reader and Acrobat, as well as against the Microsoft vulnerability.
According to the Adobe security advisory last updated on 10 June 2010, the recent vulnerability
(CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the
affected system. The user is coaxed to open a PDF document that contains malicious code. The code
attacks the user client via the web browser and can cause a lot of damage. There are reports that
this vulnerability is being actively exploited in the wild against Adobe Flash Player as well as
Adobe Reader and Acrobat.
Similarly, in the Microsoft vulnerability, the user is led to download a web page, which then uses
the Windows help program to break into the
client. Upon successful exploitation, the remote attacker is able to execute arbitrary commands
with the privileges of the user.
StoneGate IPS offers efficient protection against both of the above-mentioned
vulnerabilities. StoneGate IPS is capable of identifying and terminating the attacks when the web
page or PDF document is opened and/or downloaded. The system can also stop emails that carry the
PDF file as an attachment, or, in cases where the strongest possible protection is required, even
prevent the downloading of any Adobe Flash content. Thus, all Stonesoft customers that use
StoneGate IPS to protect their networks are not affected by these vulnerabilities.
“The latest Adobe and Microsoft vulnerabilities are examples of so-called client side
attacks, which are becoming increasingly common. Client side attacks are particularly harmful as
they can penetrate through traditional firewalls, and a huge number of users are affected by these
vulnerabilities. When successfully exploited, these vulnerabilities allow the attacker to read and
modify any files and steal personal information such as user IDs and passwords. The compromised
hosts are also usually joined into botnets. These vulnerabilities were also disclosed and exploited
before patches became available, so it is extremely difficult to protect hosts from these attacks
without external security devices, such as StoneGate IPS”, explains Olli-Pekka Niemi, Vulnerability
Expert and team leader of the Vulnerability Analysis team at Stonesoft.
“Malware is spreading in the Internet regardless of the financial crisis, and organizations
should not save in the wrong places. Cleaning up after damage is always a lot more expensive than
attack prevention. In practice, organizations who do not have an adequate intrusion prevention
system in place, will first pay for cleaning up and then for the implementation of the system.
StoneGate IPS customers have full protection against dynamic vulnerabilities and can focus on their
business”, said Klaus Majewski, Vice President of Marketing at Stonesoft.
For more information about the vulnerabilities, please visit:
http://www.cert.fi/haavoittuvuudet/2010/haavoittuvuus-2010-086.html (in Finnish)
http://www.adobe.com/support/security/advisories/apsa10-01.html
http://www.microsoft.com/technet/security/advisory/2219475.mspx
Monday, June 14, 2010