Until Microsoft Issues a Patch, eSoft Customers are Protected
Broomfield, Colo. – October 6, 2009 – eSoft, Inc., a leading network security company that provides integrated Internet security solutions, today announced that its customers are protected against the latest Microsoft Internet Explorer (IE) vulnerability. Customers using eSoft’s Intrusion Prevention technology in blocking mode, web filtering configured to block malicious websites, and gateway anti-virus are protected until Microsoft releases a patch to fix the dangerous flaw.
The vulnerability, disclosed by Microsoft on July 6 in Microsoft Security Advisory (972890), affects IE users whose computers run the Windows XP or Windows Server 2003 operating software, and it can allow hackers to remotely take control of victims’ machines. Victims simply have to visit a Web site that’s been hacked to get infected and often are drawn to the site by clicking a link in a spam e-mail.
The “zero-day” vulnerability affects a part of its software used to play video, and the problem arises when the software interacts with Internet Explorer, when it opens a hole for hackers to tunnel into, according to sources. eSoft customers should keep make sure they have the Web ThreatPak installed and configured to have Gateway Anti-Virus on, Intrusion Prevention in blocking mode, and SiteFilter setup to block malicious and compromised websites.
“This is another example of an unexpected vulnerability eSoft’s Threat Prevention Team works 24/7 to protect users against,” said Patrick Walsh, eSoft’s Chief Technology Officer. “We are urging customers to stay on top of updates from Microsoft and keep their eSoft appliances updated and configured for maximum security.”
For information on the vulnerability, see www.microsoft.com/technet/security/advisory/972890.mspx. eSoft customers are urged to view the company’s FAQ on the subject at esoft.com/alerts/cve-2008-0015.cfm.