Firewalls

SonicWALL Deploys Protection Against Zero Day Flaw in XML Core Services

Sonicwall Dec 08, 2006


SUNNYVALE, Calif., Nov. 10 -- SonicWALL, Inc. (NASDAQ:SNWL), a leading provider of network, Web, email security and backup and recovery solutions, has deployed protection against a zero day vulnerability in Microsoft XMLHTTP ActiveX Control Code Execution, part of Microsoft XML Core Services 4.0 on Windows, which could be used to seize control of an affected system. The vulnerability, affecting only systems that run Internet Explorer, is caused by an unspecified error in the XMLHTTP 4.0 ActiveX Control.

Shortly after it was identified, users of SonicWALL's Unified Threat Management technology received updated signatures designed to protect against the flaw.

The vulnerability is being actively used in attempted cyberattacks. Successful exploitation would allow the execution of arbitrary code if a user visited an attacker's Web site.

"If this vulnerability were exploited, it could lead to loss of confidential information, disruption of business, or other compromise," said Boris Yanovsky, vice president of security services at SonicWALL. "It's important for companies of all sizes to use dynamic threat prevention on their firewall so that their network defenses can be continually and automatically updated at the gateway, before any equipment behind the firewall can be compromised."

SonicWALL delivers zero day gateway anti-virus, anti-spyware and intrusion prevention signatures to its subscribers on a continual basis, allowing them to defend against new and existing Internet attacks and exploits.

Further information on this vulnerability is available at software.sonicwall.com/applications/ips/index.asp?ev=sig&sigid=3811 .

o MS XMLHTTP ActiveX Control Code Execution 0Day Generic Detection
SID:3811
o MS XMLHTTP ActiveX Control Code Execution 0Day Generic Detection 2
SID:3814
o MS XMLHTTP ActiveX Control Code Execution 0Day Generic Detection 3
SID:3815

About SonicWALL, Inc.

Founded in 1991, SonicWALL, Inc. designs, develops and manufactures comprehensive network security, email security, secure remote access, and backup and recovery solutions. SonicWALL is headquartered in Sunnyvale, California and trades on the NASDAQ under the symbol SNWL. For more information, contact SonicWALL at +1-408-745-9600 or visit the company web site at www.sonicwall.com/ .

FCMN Contact: mmcevoy@sonicwall.com

Source: SonicWALL, Inc.

CONTACT:
Mary McEvoy
SonicWALL, Inc
+1-408-962-7110
mmcevoy@sonicwall.com; or

Erin Collopy
The Hoffman Agency
+1-408-975-3041
ecollopy@hoffman.com, for SonicWALL, Inc.

Web site: www.sonicwall.com/

White Papers & Case Studies

View All White Papers & Case Studies

View All Resources

All Topics

Manufacturing Innovation

Industry Trends

Engineering & Design

Sales & Marketing

Supply Chain

Career & Workforce

Company News

New Products

Thomas Index

Daily Bite

Find Suppliers, Insights, Tools and More...

Become part of North America's largest and most active network of B2B buyers and industrial/commercial suppliers.

Select From Over 500,000
Industrial Suppliers

Find and evaluate OEMs, Custom Manufacturers, Service Companies and Distributors.

Receive Daily
Industry Updates

Stay up to date on industry news and trends, product announcements and the latest innovations.

Search Over
6 Million Products

Find materials, components, equipment, MRO supplies and more.

Download 2D & 3D
CAD Models

10+ million models from leading OEMs, compatible with all major CAD software systems.
Start Sourcing Suppliers Claim Your Company Profile ico-arrow-default-right
Cookie Policy
Close
Thomas uses cookies to ensure that we give you the best experience on our website. By using this site, you agree to our Privacy Statement and our Terms of Use.
Accept