SkyRecon StormShield Protects Un-patched Windows Environments

SAN JOSE, CA--(Marketwire - October 27, 2008) - SkyRecon® Systems (www.skyrecon.com), the premier provider of integrated, proactive endpoint security solutions, today announced that its StormShield Security Suite provides automatic protection for organizations running the Windows operating system and that have yet to deploy the most recent patch from Microsoft as describe in the Microsoft Security Bulletin MS08-067, which was released out-of-band Thursday of last week.

This particular vulnerability type is known as a 'Stack Underflow' and is located within the RPC components of Windows that become available once file/printer sharing is activated by the user of the system. This service, known as the "Microsoft Windows Server Service," is available without the need for any credentialed account on Windows XP, 2000 and 2003. On Windows Vista and 2008, an authenticated account is required to access the service. While the default Windows Firewall configuration has this component blocked, an unmanaged or otherwise compromised endpoint could have this service available. Without integrated and enforceable firewall, host intrusion prevention, and application control, any endpoint could find itself at risk of attack.

This vulnerability has been seen in the wild, and while there have been no immediate signs of widespread or broad attack, there certainly have been a fair share of targeted attacks as noted in a Microsoft blog related to the vulnerability and its exploit at http://blogs.technet.com/msrc/archive/2008/10/26/update-on-ms08-067.aspx. The targeted attacks appear to be driven by TrojanSpy:Win32/Gimmiv.A and TrojanSpy:Win32/Arpoc.A, which is the specific attack associated with Exploit:Win32/MS08067.gen!A. Both of these attacks are Trojans, not self-replicating worms.

"SkyRecon's StormShield Security Suite protects Windows laptops, desktops, and servers running our lightweight client," says Thomas Garnier, Senior Research Engineer at SkyRecon Systems. "By simply having the StormShield 'Protection against overflow' option set to 'Critical' or 'High,' our customers' systems were automatically protected from attack, even without the Windows patch being deployed. This is another example of where our clients benefit from SkyRecon's ongoing research and development in partnership with Microsoft."

StormShield Security Suite provides proactive protection for the system and the data delivered through a multi-layered, light-weight single endpoint protection platform, providing dynamic and risk-based policy control and enforcement for: anti-virus/anti-spyware, device control, content encryption, host-based intrusion prevention (HIPS), system firewall, application control, wireless security, and network access control (NAC). To learn more about the comprehensive protection and dynamic policy enforcement available in StormShield, be sure to register for an upcoming educational webinar at http://skyrecon.com/webinars.

About SkyRecon Systems Inc.

Founded in 2003, SkyRecon Systems is a leading global provider of endpoint protection platforms. With its award-winning single-policy endpoint security solutions, organizations are able to ensure protection and enforce policy for the endpoint systems, applications, data and users upon which their business relies. The company is a contributing member of the SecureIT Alliance, has received the prestigious Red Herring 100 Award, and has been named "Entrepreneurial Security Company of the Year" by Frost & Sullivan. StormShield has again received 4 stars in the SC Magazine Endpoint Security Group Test, has been nominated as a finalist for the SC Awards magazine in the US Best Mobile Device Security Solution category and the 2008 TechWorld.com Awards in the Endpoint Security Product of the Year category, and was also recently selected as a top 10 vendor for the 2008 Computer Reseller News list of Emerging Tech Vendors You Need to Know.

More information about SkyRecon can be obtained by visiting www.skyrecon.com, attending an educational security webinar, or by calling +1 (877) 239-3057.

SkyRecon, the SkyRecon logo, StormShield, and TradeShield are registered trademarks of SkyRecon Systems Inc. All other product or service names are the property of their respective owners.

Contact Information: Press Contact: Sean Martin, CISSP smartin@skyrecon.com (949) 878-0592