Palo Alto Networks today announced that its Threat Research Team discovered two of the 11 vulnerabilities discovered in Microsoft’s Patch Tuesday security bulletin this week.
The first discovery is an Internet Explorer vulnerability rated "critical." Microsoft credited Palo Alto Networks exclusively for the "HTML Object Memory Corruption Vulnerability" (CVE-2008-2254), which could enable an attacker to exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.
The second vulnerability, also exclusively credited to Palo Alto Networks, the “Microsoft Event System Vulnerability” (CVE-2008-1456) is rated "important" and could be used by an attacker to take complete control of an affected system. An attacker could then install programs; view, change or delete data; or create new accounts with full administrative rights.
These vulnerabilities represent the fourth and fifth Microsoft-related discoveries for the Palo Alto Networks Threat Research Team in the last 12 months. The previous three vulnerabilities were all rated “critical” and could result in remote code execution. They include:
- Agent Remote Code Execution Vulnerability (CVE-2007-3040)
- GDI Heap Overflow Vulnerabilities (CVE-2008-1083)
- GDI Stack Overflow Vulnerabilities (CVE-2008-1087)
Palo Alto Networks’ family of next-generation firewalls protects enterprises from any exploits that take advantage of these vulnerabilities, as well as a broad range of other threats. The Palo Alto Networks Threat Research Team is active in the research community, aggressively pursuing both new vulnerability research and mitigation of all types of threats.
About Palo Alto Networks
Palo Alto Networks™ enables visibility and policy control of applications running on enterprise networks. Based on innovative App-ID™ application classification technology, the Palo Alto Networks PA-4000 Series next-generation firewall accurately identifies applications – regardless of port, protocol, evasive tactic or even SSL encryption – at 10Gbps with no performance degradation. Enterprises can now set and enforce application usage policies to meet compliance requirements, improve threat mitigation and lower operational costs. The Palo Alto Networks team includes security and networking industry veterans from Check Point, NetScreen, McAfee, Cisco, Juniper and Blue Coat. It is backed by investors Globespan Capital Partners, Greylock Partners and Sequoia Capital. For more information, visit www.paloaltonetworks.com.
###
Palo Alto Networks, the Palo Alto Networks Logo, App-ID, FlashMatch and PAN-OS are trademarks of Palo Alto Networks, Inc. in the United States. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.
