Safend, an international leader in endpoint security solutions, announced today their discovery of a new security exploit in Microsoft Windows XP. The five zero day buffer overflows were uncovered by Safend´s R&D team while testing Safend Protector 3.0.
“The exploit found in XP also affects XP Service Packs 1 and 2 and involves buffer overflows in USB device drivers. The result is the on-site disabling of a PC or ´blue screen,´” said Zvi Gutterman, Safend CTO. “We´ve reported the issue to Microsoft and will give them the opportunity to resolve the problem before discussing it in detail. We will provide Microsoft with whatever information they need to help users avoid disruptions in service.”
Safend, whose main US office is located in Philadelphia, develops comprehensive endpoint security solutions which protect enterprise PCs and laptops from data theft and tampering via their peripheral connections such as USB, wireless, and storage devices.
“We´re pleased to note that Safend Protector 3.0, currently in beta and set to ship this summer, is capable of protecting against exploits such as the ones we´ve discovered in Windows XP,” says Gutterman. “While it´s regrettable that such vulnerabilities exist, solutions such as ours offer users another layer of defense.”
Safend Protector 3.0 offers enhanced security functionality, including granular control over WiFi network access, logging of all files accessed via removable storage, and Cisco NAC integration. The upgraded solution allows the blockage of U3 drive and autorun functionality, yet will permit the use of approved storage devices. An expanded list of controlled ports, including SecureDigital, is included in the extensive list of device types supported.
Safend Protector and its free companion download, Safend Auditor, are available through authorized resellers worldwide. Safend Protector 3.0 will be available later this summer.