Week in Security: Microsoft Alerts, New Technologies


Here's a rundown of some of the events, announcements and other happenings in information security last week:

•Microsoft issued three alerts in one day about newly discovered flaws in its software. The company said the most critical one was a buffer overrun in the Remote Access Service (RAS) software, which is a native component in Windows NT 4.0, Windows 2000 and Windows XP. The flaw could allow an attacker to shut a system down or run code. Another vulnerability affects Web servers running Microsoft Internet Information Server with HTR scripting turned on, and two flaws affect the way SQL Server handles XML data transfer. Microsoft released patches for all of the vulnerabilities in bulletins MS02-029, MS02-028, and MS02-030.

•Microsoft said it inadvertently shipped the Nimda computer virus with the Korean version of its Visual Studio .Net developer tools. No customer systems were infected by the virus and the risk of infection is low, a company spokesman said. The problem occurred during the localization process, in which Microsoft contracted with a third party to translate the application into Korean, he said. Microsoft issued an update to remove infected files from the program and also offered Korean developers replacement programs.

•Qualys, a provider of Web-based vulnerability assessment services based in Redwood Shores, Calif., said it is offering a special deal to customers of Network Associates' CyberCop vulnerability assessment software, which Network Associates is discontinuing. Qualys will give CyberCop customers who switch to its QualysGuard solution the first six months of coverage for free plus a 20 percent discount on the rest of the annual subscription.

•Check Point Software Technologies unveiled enhanced technology to secure voice over IP, which is now available across its Next Generation product line. The company said its Secure Virtual Network Architecture natively recognizes and prioritizes Session Initiation Protocol VoIP traffic on VPNs to provide security, quality of service and privacy.

•McAfee Security, a division of Network Associates, unveiled an enhanced version of its VirusScan AsaP managed desktop antivirus service that provides automated updates without the need for Internet connectivity. It also automatically updates users when they connect to the network instead of updating at regular, scheduled times.

•Stonesoft, which has U.S. headquarters in Atlanta, said it is offering pricing incentives that will make it easier for solution providers to sell its security software. Solution providers will ship Stonesoft's StoneGate VPN/firewall software at normal margin, but Stonesoft will rebate the end user up to $6,500 for server hardware to run a StoneGate two-node cluster and up to $5,000 for the hardware to run a single StoneGate VPN/firewall. Customers can choose from any server platform that meets StoneGate requirements.

•Entercept Security Technologies, a provider of intrusion-prevention software based in San Jose, Calif., announced general availability of Entercept 2.5, an updated version of its flagship software featuring new customization features and protection against the latest buffer overflow techniques.

•Lumeta, a supplier of network management and security products based in Somerset, N.J., said it received $8 million in new financing. Wachovia Strategic Ventures Group led the round.

•Securify, Mountain View, Calif., named Carl Wright vice president of federal operations. Previously, Wright was chief information security officer and operations officer for the U.S. Marine Corps IT and network operations center.