/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsSUNNYVALE, CALIF: SonicWALL Inc. announced that it has deployed early protection against a range of newly-identified software, firewall and security vulnerabilities. Users of the company’s Unified Threat Management technology receive updated signatures designed to repel security threats.
SonicWALL has deployed further signatures to protect against recent exploits including Microsoft HHCtrl ActiveX Control Memory Corruption Vulnerability (MS06-046), Microsoft Management Console Remote Code Execution Vulnerability (MS06-044), and Microsoft PowerPoint Malformed Record vulnerability (Exploit.PoC). Signatures created by SonicWALL’s research team are already in place to other exploits, including those targeting the HLINK Day Zero vulnerability.
SonicWALL also deployed signatures designed to address possible remote code execution of vulnerabilities in Barracuda Spam Firewalls (version 3.3.01.001 to 3.3.02.053). These vulnerabilities could result in arbitrary file disclosure and remote command execution.
Boris Yanovsky, vice president of security services at SonicWALL, said, “To exploit this vulnerability, a valid user must be logged in to the Barracuda firewall. However, this restriction can be overcome if attackers use another, existing vulnerability.”
“It’s important for companies of all sizes to use dynamic threat prevention on their firewall so that their network defenses can be continually and automatically updated at the gateway, before any equipment behind the firewall can be compromised,” he added.
© CyberMedia News