Industry's Most Comprehensive End-Point Security Solution Protects Enterprises from the Unpatched WINS Critical Security Vulnerability and Allows Enterprises to Properly Plan the Upgrade of Unsupported Operating Systems

(ALISO VIEJO, CA) December 2, 2004 — eEye Digital Security, a leading developer of vulnerability management software solutions for enterprise security, today announced that Blink – the most powerful and comprehensive end-point security software product introduced to date – is able to protect enterprises from a critical security vulnerability found within the Windows Internet Naming Service (WINS). This critical security vulnerability could potentially allow an attacker to remotely take control of a WINS server, which Microsoft provides as the preferred method for registering and querying of machine mappings within a network.

This security issue affects Microsoft Windows NT Server 4.0, Microsoft Windows NT Server 4.0 Terminal Server Edition, Microsoft Windows 2000 Server, and Microsoft Windows Server 2003. To date, Microsoft has not issued a patch for this security flaw, thus leaving countless machines that run critical applications such as Microsoft's Exchange, SQL Server and Active Directory vulnerable to attackers.

"WINS is an excellent example of a security flaw in a platform that has an enormous installed base – in this case, Windows NT 4.0 – but is no longer supported by Microsoft with security updates," stated Firas Raouf, eEye's chief operating officer. "In this case, Blink not only protects these vulnerable machines, but prevents the enterprise from being forced into an expensive ‘forklift’ upgrade to a different operating system."

If successful, an attacker exploiting the WINS vulnerability could gain full system access, taking complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. The protection for this un-patched vulnerability is already included within Blink's non-signature based intrusion prevention technology. Blink is able to identify the method of exploitation, in this case, the sending of a specially crafted WINS replication packet to a vulnerable server, and stop the packets from executing on the OS. Blink does this in a completely non-intrusive manner and does not impact the performance or availability of the host machine.

About Blink
Designed to be implemented on individual assets such as servers, PCs and laptops, Blink is the first end-point product to combine multiple layers of security technologies to protect enterprises from "zero-day" attacks that leverage unknown and/or unpatched vulnerabilities within enterprise networks. This comprehensive security solution allows enterprises to defer patching vulnerable machines until regularly scheduled maintenance cycles, thereby saving millions of dollars in lost business disruption and the associated IT resource drain caused by "panic patching." In the case of older operating systems that are no longer supported by Microsoft, Blink can also allow IT to defer upgrading these machines until it is fiscally viable to do so.

Blink is available and operating in production networks today. To find out more, contact eEye or visit the company’s Website at: http://www.eeye.com/blink.

About eEye Digital Security

eEye Digital Security is the global leader in a new class of security solutions: comprehensive vulnerability management and zero-day endpoint security protection. eEye enables secure computing through world-renowned research and innovative technology, supplying the world's largest businesses with an integrated and research-driven vulnerability assessment, intrusion prevention, and client security solution. eEye's research team is consistently the first to identify new threats in the wild and our products leverage that research to deliver the insights and tools necessary to protect our customer's operating environments. For more information, please visit http://www.eeye.com

Primary Press Contact

Victor Cruz
MediaPR
(401) 349-3369 vcruz@mediapr.net

EMEA Press Contact

Ralph Klöwer
INTERFACE Relations
+49 (0) 89-552 688-66 r.kloewer@interface.pr.de