FireEye Provides Pre-Patch Protection from Worm Attack Code Without Requiring Profile or Update Checks


Department of Homeland Security (DHS) Issues Warning of Potential Widespread Damage Affecting Millions

MENLO PARK, Calif., Aug. 11 // -- FireEye, Inc., a pioneer in Network Access Control (NAC) technology, today announced that its flagship FireEye 4200 NAC appliance provides plug-and-protect defense for its customer's network systems that are susceptible to the latest "critical" Microsoft Windows vulnerabilities. FireEye's solution does not require patches or updates to protect against the vulnerability (described in Microsoft Security Bulletin MS06-040) that could be used in a widespread worm attack.

The vulnerability affects Windows Server services which are generally enabled by default on Windows systems, and are used for common network applications like file sharing and printing. According to the Department of Homeland Security (DHS), it has the potential to impact government systems, private industry and critical infrastructure, as well as individual home users and infect millions of computers for the purposes of sending spam, stealing credit card numbers, or other malicious activities. An attacker who successfully exploits the vulnerability could take complete control of an affected system and cause damage by installing programs; view, change, or delete data; or by creating new accounts with full user rights.

"It's important to follow the patch guidelines recommended by the vendors; however, vendor deployed patches after the fact can often come too late. This recent vulnerability is a perfect example where focusing on the infection, not policy compliance, is critical," said Ashar Aziz, founder and CEO of FireEye, Inc.

The FireEye 4200 NAC solution is equipped with the FireEye Attack Confirmation Technology (FACT) engine, which uses patent-pending virtualization technology to assess suspect machine network traffic and then provides conclusive attack confirmation prior to taking any quarantine actions or denying access to the network, thus eliminating the need to resolve false positives. Once a machine has been deemed infected with worms, network-borne malware, or zero-day attacks, it is immediately quarantined, protecting internal network resources from the damage of a serious attack.

Although FireEye's customers are already protected, the company recommends that in addition to the Microsoft patch, enterprise organizations put a system in place that can block threats like this from infecting and damaging the network.

About FireEye, Inc.

FireEye, Inc. is a pioneer in Network Access Control (NAC), leveraging patent-pending virtualization technology within a network appliance to examine the impact of suspicious network traffic in an instrumented virtual environment. The result is an appliance-based approach that provides the most accurate, effortless attack detection and containment technology available. FireEye's advanced technology provides impregnable and streamlined security operations with zero unnecessary quarantines, zero complex configurations, and zero management issues for enterprise-wide protection of the internal network. Founded in 2004 and headquartered in Menlo Park, California, FireEye is funded by Norwest Venture Partners and Sequoia Capital. For more information, call (650) 543-1600, email info@fireeye.com or visit the FireEye Web site at www.fireeye.com/ .

Contact Agency:
Rachel Kaseroff
Tel: 415-819-4232
Email: fe@trainercomm.comelizabeth@fireeye.com

Contact Company:
Elizabeth Hernandez-Jones
Trainer Communications
FireEye, Inc.
Tel: 650-543-1863
Email: elizabeth@fireeye.com

Source: FireEye, Inc.
Web site: www.fireeye.com/

All Topics