Websense® Security Labs(TM) Reports Spreading of Unpatched Internet Explorer Vulnerability

Websense® Web Security Suite(TM) customers automatically protected from latest exploit by utilizing Real-Time Security Updates(TM)

SAN DIEGO, March 27 -- Websense, Inc. (NASDAQ:WBSN), a global leader in web security and web filtering productivity software, today announced that Websense® Security Labs(TM) has discovered a rapidly growing amount of unique URL's attacking a recently found vulnerability within Microsoft Internet Explorer (IE). The latest "zero-day" vulnerability within IE, which currently has no patch available, allows the launching of malicious code on an end user's machine without consent. Utilizing this exploit, a hacker could gain control over a vulnerable machine by crafting special code hosted on websites.

Websense Security Labs has discovered hundreds of websites that are specially crafted to exploit the IE vulnerability to run code on the user's machine. The websites are each intended to take advantage of the vulnerability by running shell code that connect to the Internet via HTTP and download one of several pieces of malicious code, including Bot variants, backdoors, and other Trojan Horses. Websense Web Security Suite(TM) customers are automatically protected from these new threats by utilizing Real-Time Security Updates(TM) which provide real-time updates to Websense's URL database as malicious websites exploiting this vulnerability are found.

"This exploit demonstrates the power of the Websense security solution. Even before the vulnerability can be patched and anti-virus signatures were available, Websense security customers were protected," said Leo Cole, vice president, marketing for Websense, Inc. "This level of detection and automatic protection is only available with Websense's web security approach."

Utilizing honey clients, Websense Security Labs is constantly scanning the internet for malicious websites that are attacking this vulnerability. As new websites are discovered and researched, they are added to the Websense URL database and categorized.

"Websense Security Labs utilizes a sophisticated process to scan over 75 million websites per day, looking for malicious websites and advanced internet attacks," said Dan Hubbard, senior director of security and technology research for Websense, Inc. "As Websense Security Labs discovers websites attacking this new IE vulnerability, we are able to provide immediate and continuous protection to our customers."

Utilizing a worldwide network of computers, data mining processes, customer feedback loops, and malicious code categorization expertise, Websense Security Labs proactively discovers and immediately defends customers against web-based threats. Details about this IE vulnerability from Websense Security Labs is located at: http://websensesecuritylabs.com/alerts/alert.php?AlertID=449.

Websense software is available for organizations who wish to protect themselves from internet and application security threats. For a free 30-day evaluation of Websense software or for more information on protecting your organization from a wide range of threats including spyware, peer-to-peer, virus outbreaks and internal hacking exploits, please visit www.websense.com. Websense Security Labs offers free email security updates as new internet threats are discovered and is available at www.websensesecuritylabs.com.

About Websense, Inc.

Websense, Inc. (NASDAQ:WBSN), a global leader in web security and web filtering software, is trusted to protect 24 million employees worldwide. Websense proactively discovers and immediately protects customers against web-based threats such as spyware, phishing attacks, viruses and crimeware with maximum protection and minimal effort. With diverse partnerships and integrations, Websense enhances our customers' network and security environments. For more information, visit www.websense.com

Source: Websense, Inc.

CONTACT: Ronnie Manning, Websense, Inc., 858-320-9274,

Web site: www.websense.com/

All Topics