eEye Digital Security » News

News

eEye Digital Security's Blink Eliminates the Threat of WINS Zero-Day Attacks for Enterprises

Industry's Most Comprehensive End-Point Security Solution Protects Enterprises from the Unpatched WINS Critical Security Vulnerability and Allows Enterprises to Properly Plan the Upgrade of Unsupported Operating Systems

(ALISO VIEJO, CA) December 2, 2004 — eEye Digital Security, a leading developer of vulnerability management software solutions for enterprise security, today announced that Blink – the most powerful and comprehensive end-point security software product introduced to date – is able to protect enterprises from a critical security vulnerability found within the Windows Internet Naming Service (WINS). This critical security vulnerability could potentially allow an attacker to remotely take control of a WINS server, which Microsoft provides as the preferred method for registering and querying of machine mappings within a network.

This security issue affects Microsoft Windows NT Server 4.0, Microsoft Windows NT Server 4.0 Terminal Server Edition, Microsoft Windows 2000 Server, and Microsoft Windows Server 2003. To date, Microsoft has not issued a patch for this security flaw, thus leaving countless machines that run critical applications such as Microsoft's Exchange, SQL Server and Active Directory vulnerable to attackers.

"WINS is an excellent example of a security flaw in a platform that has an enormous installed base – in this case, Windows NT 4.0 – but is no longer supported by Microsoft with security updates," stated Firas Raouf, eEye's chief operating officer. "In this case, Blink not only protects these vulnerable machines, but prevents the enterprise from being forced into an expensive ‘forklift’ upgrade to a different operating system."

If successful, an attacker exploiting the WINS vulnerability could gain full system access, taking complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. The protection for this un-patched vulnerability is already included within Blink's non-signature based intrusion prevention technology. Blink is able to identify the method of exploitation, in this case, the sending of a specially crafted WINS replication packet to a vulnerable server, and stop the packets from executing on the OS. Blink does this in a completely non-intrusive manner and does not impact the performance or availability of the host machine.

About Blink
Designed to be implemented on individual assets such as servers, PCs and laptops, Blink is the first end-point product to combine multiple layers of security technologies to protect enterprises from "zero-day" attacks that leverage unknown and/or unpatched vulnerabilities within enterprise networks. This comprehensive security solution allows enterprises to defer patching vulnerable machines until regularly scheduled maintenance cycles, thereby saving millions of dollars in lost business disruption and the associated IT resource drain caused by "panic patching." In the case of older operating systems that are no longer supported by Microsoft, Blink can also allow IT to defer upgrading these machines until it is fiscally viable to do so.

Blink is available and operating in production networks today. To find out more, contact eEye or visit the company’s Website at: http://www.eeye.com/blink.

About eEye Digital Security

eEye Digital Security® is pioneering a new class of security products:integrated threat management. This next-generation of security detects vulnerabilities and threats, prevents intrusions, protects all of an enterprise’s key computing resources, from endpoints to network assets to web sites and web applications, all while providing a centralized point of security management and network visibility.eEye’s research team is consistently the first to identify new threats in the wild, and our products leverage that research to deliver on the goal of making network security as easy to use and reliable as networking itself. Founded in 1998 and headquartered in Orange County, California, eEye Digital Security protects more than 9,000 corporate and government organizations worldwide, including half of the Fortune 100. For more information, please visit www.eeye.com

About eEye Digital Security

Primary Agency Contact

EMEA Agency Contact

Corporate Contact