Press Contact Email :
Tel: + 1.888.266.6361
Tel: + 1.206.203.6361
One of the most prolific attack mechanisms used by hackers, the buffer overflow attack, still remains open 2 years after the initial discovery by Trustix Engineers.
New York, 30th April 2004. Almost 2 years after its initial discovery by Trustix Engineers, a critical buffer overflow vulnerability from Microsoft still remains open. The vulnerability should have been fixed in SP1 for Windows XP and SP4 for Windows 2000. However, it has since been confirmed on fully patched systems running Windows XP and Windows 2000, and it remains open.
The Linux world at large recently attacked a report released by the Forrester Group, "Is Linux More Secure Than Windows?", as misleading. The report focused on "how quickly serious vulnerabilities get fixed", which, as this open issue clearly shows, is measured in years for Microsoft.
The vulnerability is caused by a boundary error, which can be triggered via Internet Explorer and Windows Explorer when connecting to a file server. This can be exploited to cause a buffer overflow by setting up a malicious share with an overly long name (about 300 bytes) containing no lower case characters. Successful exploitation may potentially allow execution of arbitrary code on a user's system, but requires that the user is tricked into connecting to a malicious file server, visiting a malicious website, or following a specially crafted link.
"The flaw was first notified to Microsoft in early 2002 and they said that the flaw needed to be fixed in a service pack instead of a hotfix," comments Rodrigo Gutierrez, a member of the Trustix Team that discovered the issue. "Last week while doing vulnerability research for a customer, I re-discovered the vulnerability and found out that it wasn't properly patched."
Trustix provides the world's most secure Linux Operating System, Trustix™ OS - Enterprise Server, designed specifically to meet the requirements of the rapidly expanding Enterprise Server market. Whilst focusing on stability, security, reliability and protection against stack-smashing / buffer overflow attacks, it also incorporates the industry's leading fully automatic secure update engine, SWUP™.
ABOUT COMODO
Comodo (www.comodo.com) is the fastest growing Certification Authority in the world. Over 500,000 companies and individuals worldwide rely on Comodo to secure their e-business, including many of the top Fortune 500. The product portfolio includes Digital Certification Services and Internet Security Solutions, from desktop endpoint security solutions right across the enterprise to critical back office infrastructure solutions. Comodo is the power behind the Trustix™ Operating System, recognized as the most secure operating system available for enterprise servers.
Providing protection against Spoofing and Phishing attacks, Comodo offers the world's only website identity assurance solution. Helping organizations of all sizes, from large/medium enterprises across hosting providers and down to individuals, Comodo provides security for business. Developed by dedicated global research and development facilities and supported by a global support network, all product information can be found on www.comodo.com or www.trustix.com. Trustix™ can also be reached on + 1.888.266.6361 or + 1.206.203.6361.