CyberGuard's Webwasher Jumps on Java Vulnerability

A vulnerability in an application that is present on most desktop computers poses a significant security threat because it will not be closed by the usual Microsoft update process. However, proactive filtering technology, which is included in the newest versions of Webwasher Content Security Management (CSM), protects users from the vulnerability discovered in Sun Microsystem's Java Virtual Machine (VM).





"Java VM is used extensively by many online services such as maps or chat portals," said Horst Joepen, CEO of CyberGuard's Webwasher subsidiary. "This vulnerability could have a major impact on most enterprises since even those with strict security policies do not usually forbid the download or use of Java."

Joepen explained that the vulnerability was available as a "proof of concept" code at this point and there had been no outbreak of a virus or worm as yet. But he added that once a vulnerability of this magnitude is exposed, it is usually not long before the vulnerability is exploited.

"Most PCs are vulnerable, since Java VM is downloaded when users try to access Web sites that check for a Java VM and then ask the user to automatically install it," Joepen said. "Since the Sun Java VM is not part of Windows, Microsoft patches won't help."

Joepen explained that Webwasher's proactive filtering offers protection against the Java VM vulnerability as well as against a class of "thinkable" virus attacks which use a similar approach. Proactive detection can replace hundreds or thousands of virus patterns that will need to be developed. It adds new schemes of attack to its proactive technology as vulnerabilities become known, instead of having to wait for a virus to hit and its pattern to be identified. Joepen pointed to two recent examples where proactive filtering protected customers from the first minute of a new attack:


    -- JPEG IE buffer overrun vulnerability (Sept. 12)

    -- Sober.I attack (Nov. 19)

Proactive filtering technology in Webwasher version 5.1 protects against malicious files and is part of Webwasher Antivirus and Webwasher Content Protection products.

Source: press release





Permalink: CyberGuard's Webwasher Jumps on Java Vulnerability
Posted 11/24/04 | Filed under: Security | AddThis Social Bookmark Button