05/10-04
-
Pressemeldinger
eSafe® tillby unik gateway beskyttelse mot JPEG bilde virus
Norsk importør: Trygg data as, www.tryggdata.no
Aladdin eSafe offers the world´s fastest and most comprehensive gateway-level inspection solution, inspecting both HTTP and SMTP content without impacting performance
CHICAGO, October 4, 2004, - Aladdin Knowledge Systems Ltd. (NASDAQ: ALDN) today announced that its eSafe solution is the only gateway-based content security product available today that efficiently protects against the new JPEG exploit. The Microsoft GDI+ JPEG exploit (Microsoft security bulletin MS04-028 at http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx) allows an attacker to execute malicious code when an infected JPEG image is viewed using vulnerable applications (including numerous Microsoft applications as well as many applications developed using Microsoft GDI+ libraries). The malicious code could be used to elevate rights, allow remote access, initiate worms, steal information and download and execute other malicious code from the Internet.
While most gateway-level security solutions inspect incoming email attachments, not all inspect JPEGS and other content in HTTP. Aladdin research finds that nearly 15 percent of all malicious code arrives from non-email protocols, making the inspection of HTTP traffic a vital element of comprehensive content security. The often non-protected protocol (HTTP) was the primary source for some of the latest serious threats, including Code Red and Nimda.
JPEG Exploits in HTTP/FTP Traffic
Providing the only gateway-level solution capable of quickly inspecting for JPEG exploits and malicious code, Aladdin eSafe offers the most practical method of preventing infection. While most security solutions inspect JPEG email attachments, many do not inspect JPEG files in HTTP and FTP. Competing solutions that do inspect HTTP/FTP traffic are proxy-based and cache the images before inspection. Some proxy solutions also require that the file be moved from the caching proxy to the content security server, significantly impacting performance. Aladdin eSafe eliminates this lengthy process.
HTML Image Link to JPEG
Attackers or spammers can send an email containing an HTML image link to a JPEG containing malicious code. The JPEG itself resides on a web server and is automatically downloaded via HTTP when the email is viewed or previewed. The code is executed the moment the image is viewed or previewed in Outlook/Outlook Express. eSafe can inspect all JPEG files in SMTP and HTTP. Competing solutions only inspect JPEG files in SMTP or experience significant performance issues while inspecting in HTTP.
Benefits of using eSafe for JPEG-based exploits include:
JPEG inspection is performed while files are in transit – no time-consuming file caching like all other solutions that are proxy based
JPEG inspection is completely transparent and has minimal impact on Web content security performance
JPEG exploits are now blocked in HTTP and FTP traffic as well as SMTP
JPEG inspection is now integrated into eSafe´s NitroInspection(tm) engine
"This is the most serious security flaw of Windows since Blaster. As a result, speed is critical in dealing with serious HTTP based threats such as the MS04-028 JPEG GDI+ exploit," said Shimon Gruper, vice president of technologies, Aladdin eSafe Business Unit. "The gateway-based Aladdin eSafe solution provides unique protection by immediately inspecting JPEG files in email attachments, on Web pages and in SMTP, and HTTP with technology designed not to affect network performance. Competing solutions either miss some of these infection vectors completely or address them using a slow, nearly impractical method. We´re proud to offer Aladdin eSafe customers the fastest, most effective security solution available."
Aladdin Knowledge Systems
Aladdin (Nasdaq: ALDN) is a leader in digital security, providing solutions for software digital rights management and Internet security since 1985. Serving more than 30,000 customers worldwide, Aladdin products include: the USB-based eToken™ device for strong user authentication and e-commerce security; the eSafe® line of integrated content security solutions that protect networks against malicious, inappropriate and nonproductive Internet-borne content; and the HASP® family of hardware- and software-based products that flexibly protect, license and distribute software and intellectual property. Visit the Aladdin Web site at www.eAladdin.com