Windows JPEG Vulnerability Protection

    September 30, 2004

Secure Computing’s Sidewinder G2 Security Appliance customers that have activated the Sidewinder’s embedded anti-virus module have protection from an expected wave of malicious worms exploiting the recently announced Windows JPEG vulnerability – before the worms can reach unprotected desktops.

The proliferation of application-level attacks and other security threats is a major driver of the emerging market for Unified Threat Management (UTM) security appliances. A new report by analyst firm IDC named Secure Computing as one of three leaders with a 21.7 percent share in the new UTM security appliance market, which is expected to grow to $2 billion by 2008.

US-CERT advisory TA04-260A describes a remotely exploitable vulnerability in Microsoft’s Graphic Device Interface Plus (GDI+) JPEG processing component, which is used by a wide array of Windows programs, including Word, Excel, Outlook, and Internet Explorer. What is particularly disturbing about the vulnerability is that unprotected desktops can be taken over by a remote hacker after a user performs a routine function such as opening an e-mail or even viewing a webpage that contains the malicious code, passing right through traditional firewalls. Microsoft has issued a series of patches to protect customers from the vulnerability.

Secure Computing’s Sidewinder G2 Security Appliance customers who have deployed the Sidewinder’s embedded anti-virus module are protected from the vulnerability – even if their desktops do not have the Microsoft patch. Embedding security software at the gateway on a UTM security appliance, such as anti-virus, anti-spam, and web filtering, provides an important added level of protection to security gateway architecture, in addition to regular desktop patches and desktop security software.

“Unified Threat Management Security Appliances are a rapidly growing market because they offer more comprehensive protection on a single platform, reduced complexity, and simplified troubleshooting. IDC forecasts that the unified threat management security appliance market will grow at a compound annual growth rate of 80.1% between 2003 and 2008, which will translates into a total market of $2 billion,” said Charles Kolodgy, research director for Security Products at IDC. “Secure Computing is one of three leaders in the UTM security appliance market, with a 21.7 percent share in the UTM security appliance market in 2003.”

IDC defines Unified Threat Management security appliances as a combination of hardware, software, and networking technologies whose primary function is to perform specific or multiple security functions. Threat management security appliances consist of hardware with a hardened operating system (OS), a limited applications set, and no user software installation.

“During the last 12 months, enterprise customers have been hit with wave after wave of worms, Trojans, viruses, and other exploits, and this is serving as a wake-up call,” said Mike Gallagher, senior vice president of product development for Secure Computing. “More and more customers understand the benefit of a UTM security appliance that stops malicious attacks at the ‘front door,’ rather than waiting until the attacker reaches desktops or until the attack is propagated throughout a customer’s infrastructure.”

In addition, Secure Computing’s all-in-one security appliance also includes e-mail key-word filters, and e-mail message size and attachment filters that are capable of stopping mail-propagated worms of all kinds, both known and unknown. The eleven models of the Secure Computing branded appliances include the most comprehensive set of Application Defenses for the widest variety of security applications in the industry; including a market leading application-layer firewall/VPN, anti-spam, anti-virus, employee web browsing controls, SSL termination and clientless VPN access.

WinXPdigest keeps you updated on the latest tips, how to’s, and patches that will keep your computer operating at optimum condition.