Trend Micro enhances security for Windows environments

Trend Micro has announced that Trend Micro Deep Security and OfficeScan Intrusion Defense Firewall provides the vulnerability shielding required to quickly protect Windows environments from zero-day threat as. This is further to the announcement made by Microsoft about zero-day threat.

Recently Microsoft made an announcement about active zero-day attacks that leverage vulnerability in Microsoft XML Core Services that could allow an attacker to gain control of a user's system through browser-based attacks. The vulnerability affects all supported releases of Microsoft Windows, and all supported editions of Microsoft Office 2003 and Microsoft Office 2007.  No patch is available for this vulnerability at this time - Microsoft has only been able to provide a workaround that is difficult to deploy and may be disruptive to business operations. Customers need quick and effective protection.

Trend Micro Deep Security and OfficeScan Intrusion Defense Firewall effectively protect Users against Active Exploits on Latest Internet Explorer Vulnerabilities. The new rule was provided by Trend Micro within 2 hours of the vulnerability announcement and can be pushed out automatically and without disruption to all vulnerable systems.

Trend Micro Deep Security customers should apply the rule 1005061 – Microsoft XML Core Services Remote Code Execution Vulnerability (CVE-2012-1889) to block the access to websites serving malicious webpages invoking affected MSXML COM objects that access vulnerable JavaScript methods. In addition, protections for vulnerabilities in MS12-037 are found in this Threat Encyclopedia page. Both rules are also available for OfficeScan with the Intrusion Defense Firewall plugin.

25-Jun-2012 08:12:59