Home > Company > News > 2004 Archives > PR20040210
News
eEye Digital Security Uncovers Dangerous Vulnerabilities in Microsoft Windows ASN

eEye’s Retina® Network Security Scanner Detects and Remediates ASN Vulnerability

(ALISO VIEJO, CA) February 10, 2004 — eEye® Digital Security, a leading developer of enterprise security software solutions, today announced its research team uncovered two critical vulnerabilities relating to Microsoft’s Windows® Abstract Syntax Notation One (ASN.1). ASN is the method through which the syntax of messages to be exchanged between peer applications is defined, independent of local representation. These critical security flaws affect unpatched Windows NT, 2000, XP and Windows Server 2003 machines. eEye’s research team discovered these vulnerabilities as early as July 2003 and worked with Microsoft to develop a remediation solution.

Either of these ASN vulnerabilities could allow an attacker to overwrite heap memory with arbitrary data allowing for the execution of malicious code. Both of these flaws can be detected and subsequently exploited remotely and have the potential to cause serious damage if not immediately remediated. Ironically, the security-related functionality in Windows is especially adept at rendering a machine vulnerable to an attack. Since the ASN library is widely used by Windows security subsystems, the vulnerability is exposed through an array of authentication protocols. This makes these vulnerabilities more dangerous than previous flaws that spawned Nimda, Code Red and Sapphire worms. eEye and Microsoft have released detailed advisories to alert Windows users of the need to immediately remediate vulnerable machines on their networks.

"eEye's research team is in constant search of new vulnerabilities in order to improve network security and stay a step ahead of malicious attacks that disrupt business and result in financial loss," said Marc Maiffret, chief hacking officer of eEye Digital Security. "With these new findings of potentially catastrophic vulnerabilities, it is imperative that organizations immediately apply the appropriate patches to ensure their systems are secure."

Retina® Network Security Scanner customers are already protected against this vulnerability. It is imperative that users scan their networks for vulnerable machines and follow the remediation instructions provided by Retina. eEye Digital Security is a leading contributor to network security research. For more information about upcoming advisories, visit
www.eeye.com/html/Research/Upcoming/index.html.

For more information about eEye’s research team, please visit
www.eeye.com/research.

For more information on Retina Network Security Scanner, please visit:
www.eeye.com/html/Products/Retina/index.html

For information on the ASN vulnerability, please refer to eEye’s advisory:

www.eeye.com/html/Research/Advisories/AD20040210.html
www.eeye.com/html/Research/Advisories/AD20040210-2.html

About eEye’s Research Team
eEye's research team is recognized as a leader in network security – having detected dozens of high-severity vulnerabilities and worms in the past few years, including the Code Red, Sapphire and RPC DCOM vulnerabilities. With unparalled security expertise, eEye’s research team is regarded as one of the foremost authorities on vulnerability discovery and has built upon this heritage to deliver the industry’s most comprehensive enterprise vulnerability assessment and remediation management solutions.

About eEye Digital Security

eEye Digital Security® is pioneering a new class of security products:integrated threat management. This next-generation of security detects vulnerabilities and threats, prevents intrusions, protects all of an enterprise’s key computing resources, from endpoints to network assets to web sites and web applications, all while providing a centralized point of security management and network visibility.eEye’s research team is consistently the first to identify new threats in the wild, and our products leverage that research to deliver on the goal of making network security as easy to use and reliable as networking itself. Founded in 1998 and headquartered in Orange County, California, eEye Digital Security protects more than 9,000 corporate and government organizations worldwide, including half of the Fortune 100. For more information, please visit www.eeye.com

Primary Agency Contact

Victor Cruz
MediaPR
(508) 655-4397 eEye@mediapr.net

EMEA Agency Contact

Ralph Klöwer
INTERFACE Relations
+49 (0) 89-552 688-66 r.kloewer@interface.pr.de

Corporate Contact

Stacy Newman
eEye Digital Security
(949) 900-4131 press@eEye.com