WatchGuard Protects Customers from ``Critical'' Microsoft Exchange Flaw that Leaves E-mail Servers Open to Attack; Company's Intelligent Layered Security keeps customers safe without relying on signatures
SEATTLE--(BUSINESS WIRE)----WatchGuard Technologies, Inc. (Nasdaq:WGRD) has announced that its Firebox X security appliances provide protection against the latest Microsoft Exchange vulnerability disclosed today. This vulnerability is the result of a critical buffer overflow flaw affecting Microsoft Exchange Server 2000 and 2003, which results from the way Exchange handles one of Microsoft's enhanced SMTP verbs, potentially leaving e-mail servers open to attack. WatchGuard's Intelligent Layered Security (ILS), standard on the Firebox X500-X2500, prevents remote attackers from exploiting this flaw.
"Many network security appliances on the market rely on signature updates to keep up to date with the latest threats. This leaves networks vulnerable to attack during that window of time before signatures are available and before patches for known flaws are deployed," said Mark Stevens, WatchGuard chief strategy officer. "Our Firebox X appliances provide stronger security for our customers. In the case of the new Microsoft Exchange flaw, this means protecting our customers' e-mail servers from potential attackers."
"This vulnerability relies on injecting malicious SMTP commands directly into the Exchange server protocol processor," said David Piscitello, an internationally recognized leader in networking technology and president of Core Competence, a network and security research consultancy. "This is exactly the kind of attack SMTP proxies thwart. It's nice that Microsoft recommends 'SMTP protocol inspection to filter out SMTP protocol extensions' as a workaround, but it's a simple fact that if you use an SMTP proxy in a firewall like WatchGuard's, you would not fall prey to this kind of attack at all."
About WatchGuard Technologies, Inc.
WatchGuard is a leading provider of network security solutions for small- to mid-sized enterprises worldwide, delivering integrated products and services that are robust as well as easy to buy, deploy and manage. The company's Firebox X line of expandable integrated security appliances is designed to be fully upgradeable as an organization grows and to deliver the industry's best combination of security, performance, intuitive interface and value. WatchGuard Intelligent Layered Security architecture protects against emerging threats effectively and efficiently and provides the flexibility to integrate additional security functionality and services offered through WatchGuard. Every WatchGuard product comes with an initial LiveSecurity Service subscription to help customers stay on top of the security landscape with vulnerability alerts, software updates, expert security instruction and superior customer care. For more information, please visit www.watchguard.com.
WatchGuard, LiveSecurity and Firebox are either registered trademarks or trademarks of WatchGuard Technologies, Inc. in the United States and/or other countries. All other trademarks are the property of their respective owners.
LEWIS PR for WatchGuard Casey Lewis, 415-277-5400 watchguard@lewispr.com or WatchGuard Public Relations Jeff Wenker, 206-613-6646 jeff.wenker@watchguard.com
04/13/2005 07:30 ET |
