Technology News

Brings you recent Technology news from digital life;Internet, Gadgets, Blogs, Electronics and more...

Monday, May 01, 2006

Security Startup Targets Unpatched Windows Vulnerabilities

A new security company says it has developed a novel approach to protecting PCs from software that exploits unpatched Windows vulnerabilities.

Exploit Prevention Labs, founded in 2005 by some of the same executives behind the PestPatrol antispyware product, has developed software that scans network traffic for known exploits--called zero-days or 0days--that take advantage of unpatched bugs in Windows software.

Called SocketShield, the software also acts as a Web site filter, preventing users from visiting sites that are known to distribute malicious code.

Unlike the major security products, SocketShield does not protect against a wide variety of known malware. Instead, it blocks against a select group of zero-day attacks known to be in circulation. Currently, that means the product blocks about 15 malicious exploits that take advantage of Internet Explorer and Firefox bugs, says Roger Thompson, the company's chief technology officer.

"We're not saying that we're all things to all people. We're just a nifty layer, but it's an important layer," he adds. "We know which exploits are important and we known which ones are in use, and we protect you until you can patch."

Other Protection

Though SocketShield is focused on browser exploits, it could also be used to protect against other types of attacks, Thompson says.

Some users are worried about these zero-day exploits. Last month security vendor eEye Digital Security released a workaround for an unpatched Internet Explorer vulnerability after hackers published code that could be used to exploit it. That patch was downloaded over 150,000 times before Microsoft finally patched the bug.

SocketShield's focus on scanning for network traffic and its ability to block known malware sites makes it a little different from other antivirus products, says Richard Stiennon, chief research analyst with IT-Harvest, a research firm in Birmingham, Michigan. "Vendors are not really good at finding the sites that are trying to infect you," he explains. "They're not good at searching the Web because there are hundreds of millions of Web sites to look at."

The first nonbeta version of SocketShield will ship in June and will cost $29.95 for a one-year subscription. Renewals will cost $19.95 per year.



Post a Comment

Links to this post:

Create a Link

<< Home