Press Releases
StillSecure Safe Access Detects New Windows Registry Key Vulnerabilities
Wednesday, 31 August 2005 00:41 EST(Louisville, Colo. – August 29, 2005) – StillSecure®, provider of an integrated suite of enterprise network security solutions, today announced that StillSecure Safe Access customers are protected from the new Windows registry vulnerability. The Windows Registry Editor Utility String Concealment vulnerability, first exposed on August 24, 2005, is particularly dangerous because it cannot currently be detected by some
security programs.
This new security hole discovered in Windows allows hackers to take advantage of a computer's registry keys to hide the presence of worms, Trojans, and viruses. Once hackers have compromised a system they can cover their tracks by adding an overly long registry entry to the key. Because of its length it cannot be easily detected and neither can subsequent keys so malicious code can re-launch each time the system reboots.
StillSecure Safe Access, a network access control solution, detects the hidden registry entries that may house malicious code. The SANS Internet Storm Center has posted a list of solutions that have been tested and are capable of detecting this vulnerability at http://isc.sans.org/diary.php?date=2005-08-25.
Robert Danford, StillSecure Security Alert Team (SAT) member and the SANS Internet Storm Center handler on duty when the vulnerability became widely exposed, states that the Storm Center “expect(s) this trend to continue over the lifecycle of the next few weeks as vendors patch their products as necessary to allow these values to be visible to their scan engines.”
“Organizations need to make sure that their security software detects this vulnerability, otherwise they’re leaving themselves wide open to attack,” said Mitchell Ashley, CTO and VP of Customer Experience at StillSecure.
“Safe Access is capable of accommodating unusual or anomalous entries so our customers are automatically supported without a patch or rule update.
This vulnerability re-confirms that unlike other network access control solutions, Safe Access has extensive capabilities for detecting security holes and the presence of worms, Trojans, and viruses.”
About StillSecure Safe Access
Safe Access is a network access control solution that protects the network by ensuring endpoint devices are free from threats and in compliance with IT security policies. Part of the integrated StillSecure suite of network security solutions, Safe Access systematically tests endpoints for compliance and quarantines non-compliant machines before they damage the network. The StillSecure suite also includes StillSecure VAM™, a vulnerability management platform, and StillSecure Strata Guard™, a network-based intrusion detection/prevention system (IDS/IPS).
About StillSecure
StillSecure delivers network security solutions that protect IT business infrastructure. The integrated StillSecure suite provides preventative defense, enables compliance with regulatory information security policies, and actively blocks network attacks. StillSecure manages and reduces risk from network attack and noncompliance for some of the largest organizations in the healthcare, financial services, government, and education sectors.
For more information please call , or visit http://www.stillsecure.com.