RSS Feed
Twitter
Herndon, VA (NYSE) 18 August 2005
Secure Elements announced today that it will provide users of the C5 Enterprise Vulnerability Management Suite with a fully automated fix for the vulnerability with the Zero Day over the past 24 hours reveals exploit. Customers of Secure Elements were reported by the vulnerability, and use recommended corrective actions last night.
critical alert: Microsoft Internet Explorer “Msdds.dll” Remote Code Execution Vulnerability
FrSIRT has released
an exploit code for a critical vulnerability in Microsoft Internet Explorer 6.0, a remote attacker to execute arbitrary code and take complete control of an affected system. The problem is due to a memory error, that error occurs when instantiating the “Msdds.dll” object as an ActiveX control. The vulnerability is confirmed in Microsoft Internet Explorer 6.0 on Microsoft Windows XP Service Pack 2.
Secure Elements Security Lab engineers
believe that this exploit has a high probability, used to create a worm or virus in the near future, and have classified the vulnerability as AA? CriticalÂÂ?. Meanwhile, are not aware of a patch for this newly discovered vulnerability that one of our rehabilitation countermeasures mitigate this and other ActiveX based vulnerabilities and exploits that do not have a patch available.
C5 EVM users have advised using remediation SE-0002435 (the security level to AA? HighÂÂ is? in Internet Explorer) immediately due to the imminent danger represented by these zero-day exploit.
products are:
– Microsoft Internet Explorer 6.0
– Microsoft Internet Explorer 6.0 SP1
– Microsoft Internet Explorer 6.0 for Windows XP SP2
References:
– http://www.frsirt.com/english/advisories/2005/1450
– http://www.frsirt.com/exploits/20050817.IE-Msddsdll-0day.php
companies or others may contact Secure Elements at 1-800-709-5011 for more information or schedule interviews with expert sources from Secure Elements. available
About Secure Elements
Secure Elements, an enterprise vulnerability management leader, automates security remediation strategies and tactics across the enterprise, reducing business risk and IT management costs while improving performance and maintaining business continuity. Protect critical assets and network infrastructure from both known and unknown attacks without limiting operational performance, the company rapidly identifies and intelligently responds to complex and diverse security incidents. With real-time threat analysis, data analysis and Secure Elements provides administrators optimal security control across the enterprise. Herndon, Va.-based Secure Elements serves organizations in the federal government and critical infrastructure markets, and Global 1000 companies.
Contact:
Scott Armstrong
Secure Elements
Phone: (703) 709-5011
http://www.secure-elements.com
# # #
clear = “all”
Posted in 
Tags: 