Contact Information: Press Contact: Sean Martin, CISSP smartin@skyrecon.com (949) 878-0592
SkyRecon Security Helps Secure New Windows Kernel-Level Exploit
Compromised Windows Kernel Surrenders Control of Entire System
| Source: SkyRecon Systems
SAN JOSE, CA--(Marketwire - March 11, 2009) - SkyRecon Systems® (www.skyrecon.com), the
premier provider of integrated, proactive endpoint security solutions,
today announced that its research team has recently uncovered the
kernel-level vulnerability CVE-2009-0082. This Windows kernel
vulnerability, if exploited, could allow for a local elevation of
privilege, and ultimately, compromise of both the system and its data.
The Microsoft® Windows® kernel is the core of the operating system. The
kernel-level vulnerability affects all Microsoft® Windows® 2000 and
newer versions of the operating system. Successful exploitation of the
vulnerability could lead to the execution of arbitrary code in kernel mode,
and allow for complete control to be taken of the affected system. An
attacker could then install programs; view, change or delete critical data;
and even create new accounts with administrative user rights.
"In addition to building leading-edge unified client security solutions to
secure the Windows operating environment, our research and development team
strive to provide Microsoft with information we uncover in order to
strengthen the security of their operating systems and related
applications," said Yann Torrent, R&D Director at SkyRecon Systems Inc.
"During our ongoing security research of the Windows kernel environment, we
found that the kernel didn't validate these handles properly, exposing this
vulnerability that could be used to gain elevated privileges, allowing for
unapproved access and control over the endpoint."
More information regarding the vulnerability and the Microsoft Security
Bulletin can be found at:
-- Microsoft Security Bulletin MS09-006 - Critical Vulnerability
Accredited to Thomas Garnier, SkyRecon Systems
SkyRecon's partnership with Microsoft and its ongoing and recent vulnerability research,
enable the innovative endpoint security vendor to be proactive in
responding to the customer need for an endpoint security solution that
proactively protects the system and data from compromise while not eating
up their precious hardware and IT staff resources.
StormShield Security Suite delivers proactive protection for the system and
the data through its unique multi-layered, light-weight, single-agent
endpoint protection platform, providing risk-based control and dynamic policy
enforcement for:
anti-virus/anti-spyware, device control, full-disk and file-based
encryption, host-based intrusion
prevention (HIPS), system
firewall, application
control, wireless
security, and network access
control (NAC).
About SkyRecon Systems Inc.
Founded in 2003, SkyRecon Systems is a leading global provider of endpoint
protection platforms. With its award-winning endpoint security solutions,
organizations are able to ensure protection and enforce policy for the
endpoint systems, applications, data and users upon which their business
relies. The company is a contributing member of the SecureIT Alliance, has
received the prestigious Red Herring 100 Award, and has been named
"Entrepreneurial Security Company of the Year" by Frost & Sullivan.
StormShield has again received 4 stars in the SC Magazine Endpoint Security
Group Test, has been nominated as a finalist for the SC Awards magazine in
the US Best Mobile Device Security Solution category and the 2008
TechWorld.com Awards in the Endpoint Security Product of the Year category,
and was also recently selected as a top 10 vendor for the 2008 Computer
Reseller News list of
Emerging Tech Vendors You Need to Know.
More information about SkyRecon can be obtained by visiting
www.skyrecon.com, attending an educational security webinar, or by calling
(877) 220-4178.
SkyRecon, the SkyRecon logo, StormShield, and TradeShield are registered
trademarks of SkyRecon Systems Inc. All other product or service names are
the property of their respective owners.