Maarssen – April 14, 2005 – TippingPoint, a division of 3Com (Nasdaq: COMS) and the leader in intrusion prevention (IPS), today announced that its Digital Vaccine security research team released preemptive vulnerability filters, the same day the advisories were disclosed by Microsoft. The security filters, also known as Virtual Software Patches, were distributed to customers in real-time after extensive accuracy and performance testing.
“Our Digital Vaccine service delivers the most comprehensive, preemptive protection at a faster pace than any other security solution on the market,” said TippingPoint’s Chief Technology Officer, Marc Willebeek-LeMair. “This rapid response is crucial in light of the shrinking window of time it takes for exploits to emerge and the importance of maintaining the integrity of the network, particularly as more enterprises migrate to converged networks. Other security technologies are reactive, requiring the knowledge of an attack to develop a signature based on pattern-matching methodologies.”
TippingPoint’s Digital Vaccine service preemptively defends against zero-day attacks targeting vulnerabilities, including those announced in this month’s Microsoft advisories. Vulnerability-based protection can only be found through intrusion prevention systems, and TippingPoint has been validated by third parties as offering the most comprehensive and accurate security coverage. In the case where the vendor does not issue a patch when the vulnerability is disclosed, IPS is the only viable option to secure the network.
To develop a vulnerability filter, the developer must fully understand the vulnerability and how it could potentially be exploited. The filter must be 100 percent accurate, not limit performance, and must cover and guard against all of the methods a hacker could exploit the vulnerability by understanding all attack vectors. In general, IPS vulnerability filters depend upon a series of complex operations, which are possible only with purpose-built, custom hardware such as TippingPoint’s IPS.
TippingPoint’s IPS provides protection for the following advisories announced by Microsoft today:
(1) MS05-016
Vulnerability in Windows Shell Could Allow Remote Code Execution
(Rating: Important)
(2) MS05-017
Vulnerability in MSMQ Could Allow Code Execution
(Rating: Important)
(3) MS05-019
Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service
(Rating: Critical)
(4) MS05-020
Cumulative Security Update for Internet Explorer
(Rating: Critical)
(5) MS05-021
Vulnerability in Exchange Server Could Allow Remote Code Execution
(Rating: Critical)
(6) MS05-022
Vulnerability in MSN Messenger Could Lead to Remote Code Execution
(Rating: Critical)
(7) MS05-023
Vulnerabilities in Microsoft Word May Lead to Remote Code Execution
(Rating: Critical)
For more information on the Microsoft vulnerabilities, click here.
TippingPoint’s Intrusion Prevention Systems provide Application Protection, Performance Protection and Infrastructure Protection at gigabit speeds through total packet inspection. Application Protection capabilities provide fast, accurate, reliable protection from internal and external cyber attacks. Through its Infrastructure Protection capabilities, TippingPoint’s IPS protects VoIP infrastructure, routers, switches, DNS and other critical infrastructure from targeted attacks and traffic anomalies. TippingPoint’s Performance Protection capabilities enable customers to throttle non-mission critical applications that hijack valuable bandwidth and IT resources, thereby aligning network resources and business-critical application performance.
NOTES TO EDITORS
About TippingPoint, a division of 3Com
TippingPoint, a division of 3Com, is the leading provider of network-based intrusion prevention systems that deliver in-depth Application Protection, Infrastructure Protection, and Performance Protection for corporate enterprises, government agencies, service providers and academic institutions. Our innovative approach offers customers unmatched network-based security with unrivaled economics, ultra-high performance, scalability and reliability. TippingPoint is based in Austin, Texas, and can be contacted through its Web site at www.tippingpoint.com or by telephone at 1-888-TRUE-IPS.
About 3Com Corporation
3Com is a leading provider of secure, converged voice and data networking solutions for enterprises of all sizes. 3Com offers a broad line of innovative products backed by world class sales, service and support, which excel at delivering business value for its customers. When customers exercise choice, their choice is 3Com. For further information, please visit www.3com.com, or the press site www.3com.com/pressbox.
Copyright © 2005 3Com Corporation. 3Com, the 3Com logo, TippingPoint Technologies, the TippingPoint logo and Digital Vaccine are registered trademarks and Exercise Choice is a trademark of 3Com Corporation. All other company and product names may be trademarks of their respective holders.