SUNNYVALE, Calif., Nov. 10 /PRNewswire-FirstCall/ -- SonicWALL, Inc. , a leading provider of network, Web, email security and backup and recovery solutions, has deployed protection against a zero day vulnerability in Microsoft XMLHTTP ActiveX Control Code Execution, part of Microsoft XML Core Services 4.0 on Windows, which could be used to seize control of an affected system. The vulnerability, affecting only systems that run Internet Explorer, is caused by an unspecified error in the XMLHTTP 4.0 ActiveX Control.
Shortly after it was identified, users of SonicWALL's Unified Threat Management technology received updated signatures designed to protect against the flaw.
The vulnerability is being actively used in attempted cyberattacks. Successful exploitation would allow the execution of arbitrary code if a user visited an attacker's Web site.
"If this vulnerability were exploited, it could lead to loss of confidential information, disruption of business, or other compromise," said Boris Yanovsky, vice president of security services at SonicWALL. "It's important for companies of all sizes to use dynamic threat prevention on their firewall so that their network defenses can be continually and automatically updated at the gateway, before any equipment behind the firewall can be compromised."
SonicWALL delivers zero day gateway anti-virus, anti-spyware and intrusion prevention signatures to its subscribers on a continual basis, allowing them to defend against new and existing Internet attacks and exploits.
Further information on this vulnerability is available at http://software.sonicwall.com/applications/ips/index.asp?ev=sig&sigid=3811 .
-- MS XMLHTTP ActiveX Control Code Execution 0Day Generic Detection
SID:3811
-- MS XMLHTTP ActiveX Control Code Execution 0Day Generic Detection 2
SID:3814
-- MS XMLHTTP ActiveX Control Code Execution 0Day Generic Detection 3
SID:3815
About SonicWALL, Inc.
Founded in 1991, SonicWALL, Inc. designs, develops and manufactures comprehensive network security, email security, secure remote access, and backup and recovery solutions. SonicWALL is headquartered in Sunnyvale, California and trades on the NASDAQ under the symbol SNWL. For more information, contact SonicWALL at +1-408-745-9600 or visit the company web site at http://www.sonicwall.com/ .
Safe Harbor Regarding Forward-Looking Statements
Certain statements in this press release are "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995. The forward-looking statements include but are not limited to statements regarding our ability to deliver gateway anti-virus, anti-spyware and intrusion prevention signatures on a continual basis and our ability to defend against new and existing Internet attacks and exploits. These forward-looking statements are based on the opinions and estimates of management at the time the statements are made and are subject to certain risks and uncertainties that could cause actual results to differ materially from those anticipated in the forward-looking statements. In addition, please see the "Risk Factors" described in our Securities and Exchange Commission filings, including our Annual Report on Form 10-K for the year ended December 31, 2005, for a more detailed description of the risks facing our business. All forward-looking statements included in this release are based upon information available to SonicWALL as of the date of the release, and we assume no obligation to update any such forward-looking statement. All forward-looking statements included in this release are based upon information available to SonicWALL as of the date of the release, and we assume no obligation to update any such forward-looking statement.
NOTE: SonicWALL is a registered trademark of SonicWALL, Inc. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
