Zone Labs Products Protect Against Latest Microsoft Vulnerability

San Francisco, CA. – July 17, 2003 – Zone Labs Inc., a leading creator of endpoint security solutions, today announced that all products in the Zone Labs consumer and enterprise security suites protect against the recent vulnerability found in the Microsoft Windows operating system. This critical security hole allows a potential attacker to take remote control of any computer running any version of Windows, except for Windows Me. All computers employing Zone Labs Integrity, ZoneAlarm Pro, ZoneAlarm Plus and ZoneAlarm security products are protected against this and similar vulnerabilities.

An attack of this sort could result in complete loss of control of Internet-connected PCs, vandalism, or theft of data. Though Microsoft has released a patch to this specific vulnerability, companies and consumers have shown a lag of as much as one year before widespread adoption of such patches. Hackers depend on this lag time, developing exploits such as the recent SQL Slammer which took advantage of a known vulnerability with a patch that had been available for several months. Further, the various Microsoft Windows operating systems contain numerous hidden servers that are potentially vulnerable to this sort of exploit; judging from past attacks, hackers will likely discover and exploit additional related vulnerabilities. Zone Labs’ stealthing security products protect users from this type of problem in general, now and in the future.

“This type of vulnerability is an incredible threat to the security of PCs and the networks those PCs are connected to,” said Gregor Freund, CEO and co-founder, Zone Labs. “Microsoft owns the largest percentage of the OS market and, as such, will be a constant target for attacks. Zone Labs is proud to have protected our users from this type of vulnerability without patches or updates which are especially difficult for enterprises to apply. We recommend our users practice smart computing: use a firewall, run an anti-virus solution, always implement patches and updates as soon as available, and employ common sense when opening attachments, revealing confidential information, etc. These habits allow people to safely enjoy their online experience.”

Due to their multiple layers of protection, Zone Labs Integrity and the ZoneAlarm product line are able to protect unpatched operating systems against this threat. This stack buffer overflow vulnerability can be exploited by attacking Windows Operating systems RPC interface using port 135. Zone Labs solutions block incoming connections to port 135 from the Internet zone by default at both medium and high security settings.

Zone Labs solutions are available immediately from the Zone Labs web site and Zone Labs Authorized Resellers.

About Zone Labs, Inc.
Zone Labs, one of the most trusted brands in Internet security, is a leading creator of endpoint security solutions protecting millions of PCs from risks posed by hackers and data theft. The company’s award-winning endpoint security product line is deployed in global enterprises, small businesses and consumers’ homes, protecting them from Internet-borne threats. Zone Labs Integrity is an endpoint security management platform that protects corporate data and productivity while ZoneAlarm, ZoneAlarm Pro and ZoneAlarm Plus are among the most popular and successful Internet security products available today.

Founded in 1997, Zone Labs is a private company headquartered in San Francisco, California, USA, with European headquarters in Frankfurt, Germany. For more information, please visit Zone Labs at www.zonelabs.com.

Editor’s Notes: IMsecure, TrueVector, ZoneAlarm, Zone Labs Integrity, the Zone Labs logo and Zone Labs are registered trademarks of Zone Labs Inc. Smarter Security is a trademark of Zone Labs Inc. AlertAdvisor is a service mark of Zone Labs Inc. All other trademarks are the property of their respective owners. Zone Labs Integrity protected under U.S. Patent No. 5,987,611. Reg. U.S. Pat. & TM Off