Home > News > IBM safeguards against Microsoft vulnerabilities

IBM safeguards against Microsoft vulnerabilities

February 16th, 2007

IBM’s security division, Internet Security Systems, offers protection from several critical vulnerabilities announced by Microsoft. The vulnerabilities include a flaw discovered in Microsoft’s core anti-virus engine.

By creating a specially-crafted PDF file, hackers are able to trigger a heap overflow in the anti-virus engine, resulting in remote code execution, said ISS in its security advisory.

ISS also provides protection for three critical vulnerabilities in Internet Explorer covered by Microsoft bulletin MS07-016. The critical of these is an FTP client vulnerability that can be remotely exploited by a malformed response from a malicious server.

“ISS continues to work closely with Microsoft to provide Vista support for our customers,” says IBM.

ISS also published a white-paper named “Microsoft Vista’s Kernel-Locking”, discussing Vista’s kernel security features.


Comments are closed.