SkyRecon Research Team Provides Information Leading to Patch of Vista Flaw
SAN JOSE, CA--(Marketwire - December 14, 2007) - SkyRecon Systems, the premier provider of
unified endpoint security solutions, today announced that its research team
uncovered an elevation of privilege vulnerability
CVE-2007-5350 in the Microsoft® Windows® Vista™ operating
system.
"Windows Vista includes many new enhancements and features which improve
the overall operating system security," said Thomas Garnier, Senior
Research Engineer at SkyRecon Systems, Inc. "During our ongoing research in
the Windows Vista kernel and the ALPC interface, we found an important
vulnerability which could be used to gain privilege and then execute code
in the Vista kernel."
Affecting the kernel in both the 32-bit and 64-bit versions of Windows
Vista, the identified vulnerability could allow an attacker to take
complete control of the affected system. The attacker could use their
increased privileges to install programs; view, modify, erase, or remove
data; or even create new accounts that possess full administrative rights
to the system, applications, and data.
More information regarding the vulnerability and Microsoft Security
Bulletin can be found at:
Microsoft Security Bulletin MS07-066 - Important
Vulnerability
"Vulnerability research is a critical component in designing generic,
effective, and efficient layers of protection," said Yann Torrent, Director
of Research and Development at SkyRecon Systems, Inc. "At SkyRecon Systems,
our research team aims to understand each Windows component in order to
identify possible threats such that comprehensive protections can be built
within our unified endpoint protection solution."
SkyRecon's StormShield uses multiple protection layers to address every
aspect of endpoint and data
protection and does so through a single, lightweight agent. As the
industry's first unified endpoint protection solution to integrate
behavioral-based host intrusion prevention with device control and content
encryption, StormShield provides real-time defenses designed to protect an
organization's endpoints and the critical business data that resides on
them -- without the need for patches or signatures.
About SkyRecon Systems, Inc.
SkyRecon Systems is a premier global provider of system and data security
solutions. With its multi-layered approach, SkyRecon's StormShield Unified Endpoint Protection solution delivers the industry's first integrated
endpoint security product to provide single-agent protection for endpoint
operating systems, applications, and sensitive data. SkyRecon's patented
technologies meet the market's current and future requirements for
protecting their networked and mobile PCs, offering the only lightweight security agent to
deliver integrated device control, secure content encryption, application control, intrusion prevention, system firewall, network access control (NAC), with centralized dynamic policy
management and enforcement.
SkyRecon Systems is also a contributing member of the SecureIT Alliance.
For more information, please visit:
http://secureitalliance.org/blogs/Skyrecon_Systems/Default.aspx.
SkyRecon Systems, Inc., 2033 Gateway Place, Suite 500, San Jose, CA 95110.
Tel. (877) 239 3057. www.skyrecon.com.
Contact Information: Press Contact:
Sean Martin
CISSP
smartin@skyrecon.com
(949) 878-0592