BindView RAZOR Team Issues RapidFire Update for New Microsoft IIS Vulnerability
HOUSTON--(BUSINESS WIRE)--June 25, 2004--BindView Corp. (Nasdaq:BVEW) announced today that its RAZOR Rapid Response Team has created security checks for a newly identified critical vulnerability. The new vulnerability compromises Microsoft Internet Information Servers (IIS) and all systems using Internet Explorer (IE) to browse the web. The attacks corrupt IIS servers in a manner that does not interfere with their operation, instead causing IE clients that browse the web server's content to become infected themselves. The newly discovered vulnerability appears to have exceedingly destructive capabilities, and rapid exploitation is expected.
BindView customers on current maintenance contracts running Vulnerability Management solutions that include bv-Control for Windows can take immediate protective action. BindView's RapidFire Update Service provides customers with immediate access to the update via automatic distribution, or customers can download the new updates online at http://www.bindview.com/Advisories/ADV_MSFT04-062504.cfm
Who is at Risk
Nearly every organization using IIS or IE is at risk. Microsoft has reported that the MS04-011 patch alert prevents the compromise of Windows 2000 servers running IIS. Other reports contradict Microsoft, and BindView cannot at this time confirm either.
BindView has created vulnerability checks for bv-Control for Windows to assist customers in locating compromised systems. Once these systems are identified, customers should proceed with the outlined precautionary measures as quickly as possible.
Commentary on the IIS Vulnerability
BindView RAZOR Team experts are available to discuss these new vulnerabilities and share further insight into organizations most at risk, potential outcomes of an attack, as well as additional ways to secure enterprise IT infrastructures. Experts can also discuss the growing number of system vulnerabilities that have been identified in the past few months.
About BindView
BindView Corporation is a leading provider of proactive business policy, IT security and directory management software worldwide. BindView solutions and services enable customers to centralize and automate policy compliance, vulnerability assessment, directory administration across the entire organization. With BindView insight at work(TM), customers benefit from reduced risk and improved operational efficiencies with a verifiable return on investment. More than 20 million licenses have shipped to 5,000 companies worldwide, spanning all major business segments and the public sector. Contact BindView via e-mail at info@bindview.com or visit BindView's website at http://www.bindview.com. BindView can also be reached at 800-749-8439 or at 713-561-4000.
Contacts
BindView Corporation, Houston
Yvonne Donaldson, 713-561-4023
yvonne.donaldson@bindview.com
or
FitzGerald Communications
Shari Wong, 202-973-4783
swong@fitzgerald.com
[ Comment, Edit or Article Submission ]
