McAfee Claims Protection Against MS Windows Vulnerabilities
McAfee, an intrusion prevention and security risk management company, has announced that it provides coverage for the 18 security vulnerabilities disclosed by Microsoft Corp. in its July Security Update. McAfee sees this as part of the trend to attack and target applications as well as base operating systems.
To date this year, 31 patches have been issued for applications in contrast to 41 for operating systems. For 2005 these numbers are 13 and 73 respectively.
Among the critical vulnerabilities, 13 pertain to Microsoft Excel and Microsoft Office. The remaining critical vulnerability, MS06-035 Mailstop Heap Overflow, is a worm candidate since it is remotely exploitable without the need for user interaction on Windows 2000 SP4 and Windows XP SP1.
McAfee claims that by default, its Host IPS v6.0 and Entercept protect users against code execution that may result from exploitation of the buffer overflow/overrun vulnerabilities in Microsoft Excel, Microsoft Office, Microsoft Internet Information Services and DHCP Client Service. McAfee VirusScan Enterprise 8.0i and McAfee Managed VirusScan with AntiSpyware protect against attacks targeting the buffer overflow vulnerabilities in Microsoft Excel, Microsoft Office, Microsoft Internet Information Services, and DHCP Client Service.
McAfee IntruShield provides coverage for the Microsoft Excel, Microsoft Office, Microsoft Server Service, DHCP Client Service and .NET 2.0 vulnerabilities through signature sets 1.8.78, 1.9.61, 2.1.44, 3.1.17. McAfee IntruShield sensors deployed in in-line mode can be configured with a response action to drop such packets and prevent these attacks.
The McAfee System Compliance Profiler, a component of McAfee ePolicy Orchestrator, is being updated for newly disclosed vulnerabilities to quickly assess compliance levels of the security patches that Microsoft has announced in its July Security Update.