Exploited vulnerability could allow full system access and control
December 11, 2008
PRESS RELEASE
SUNNYVALE, Calif.--(BUSINESS WIRE)--Palo Alto Networks today announced that its Threat Research Team discovered one of the six critical vulnerabilities communicated in Microsoft's Patch Tuesday security bulletin this week.
Prompting the highest vulnerability rating, Microsoft credited Palo Alto Networks exclusively with the discovery of Word Memory Corruption Vulnerability (CVE-2008-4026). The vulnerability exists in the way that Microsoft Word handles certain Word files.
An attacker could deliver a seemingly innocent document to a user via email, IM or as a download from a Website. If opened, the execution would enable an attacker to take complete control of an affected system, allowing them to then install programs; view, change, or delete data; or create new accounts with full user rights. The vulnerability exists in both the Microsoft Office 2003 and 2007 versions.
This vulnerability continues a string of discoveries - five of which have been rated critical - that Palo Alto has discovered and worked with Microsoft to ensure users are protected.
Palo Alto Networks' family of next-generation firewalls protects enterprises from any exploits that take advantage of these vulnerabilities, as well as a broad range of other threats. The Palo Alto Networks Threat Research Team is active in the research community, aggressively pursuing both new vulnerability research and mitigation of all types of threats.
About Palo Alto Networks
Palo Alto Networks(tm) is the leader in next-generation firewalls, enabling unprecedented visibility and granular policy control of applications and content - by user, not just IP address - at up to 10Gbps with no performance degradation. Based on patent-pending App-ID(tm) technology, Palo Alto Networks firewalls accurately identify and control applications - regardless of port, protocol, evasive tactic or SSL encryption - and scan content to stop threats and prevent data leakage. Enterprises can for the first time embrace Web 2.0 and maintain complete visibility and control, while significantly reducing total cost of ownership through device consolidation. For more information, please visit www.paloaltonetworks.com. Palo Alto Networks, the Palo Alto Networks Logo, App-ID and PAN-OS are trademarks of Palo Alto Networks, Inc. in the United States. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024