Aladdin eSafe Gateway Solution Protects Against New WMF Exploit
Aladdin Knowledge Systems Ltd., a provider of security solutions, announced that its Aladdin eSafe integrated content security and anti-virus suite proactively protects organizations from the recently discovered WMF (Windows Meta File) exploit (MS05-053). The primary attack vector for WMF comes from manipulated Web-based images and pop-ups that download spyware and Trojans, as a result conventional content security solutions are unable to address this threat. The Aladdin Content Security Response Team (CSRT) has listed the WMF exploit as a "high" threat, with numerous spyware/adware sites already using several variants of exploited image files to automatically download and install various spyware and trojan components. The company said Aladdin eSafe is currently the only gateway product capable of providing complete protection against this threat and future variants. The Windows Meta File (WMF extension) vulnerability exploits a function within the WMF library in Windows. This zero-day vulnerability allows specially constructed image files to drop malicious content on to vulnerable systems. Typical types of attack include spyware Web pages containing image files that drop and execute certain Trojans and Spyware components upon visiting the site, as well as infected pop-up windows opening when visiting referral sites or visiting sites containing embedded infected banner ads. Downloaded Trojans, in turn, download other malware, thus increasing their hold on the infected PC. "With many desktop solutions not inspecting potentially infected images and with a fast-growing amount of spyware sites already exploiting variants of the WMF vulnerability, the Aladdin CSRT considers this a very serious threat," said Shimon Gruper, vice president of technologies for the Aladdin eSafe Business Unit. "Because it exposes computers to such a large number of dangerous security risks, the WMF vulnerability is the most significant threat we've seen in several months." "Computers can be infected with spyware without user interaction simply by visiting an infected Web site or downloading an infected image. Since many of the involved sites appear to promote pornography, drugs and pharmaceuticals, they may even be assisted by spam or even phishing emails that direct traffic to those sites. The WMF vulnerability is a serious threat that only a proactive solution such as Aladdin eSafe is designed to effectively block," said Gruper. Aladdin eSafe is an integrated gateway content security solution that provides proactive email security and Web browsing security. eSafe is said to offer the highest content security performance, encompassing layered anti-spyware, spam management, application filtering and proactive anti-virus technologies.
Reproduced from an article published by IT News Online
© IT News Online
The original article can be viewed here:
http://www.itnewsonline.com/showstory.php?storyid=2266&scatid=4&contid=3
Permalink Bookmark Digg this story
