NFR Security Provides its Sentivist Customers with Preemptive Protection against the Fast-Spreading Zotob Worm

ROCKVILLE, MD, August 18, 2005 – NFR Security, Inc., the global leader in Real-Time Threat Protectionâ„?, today announced that its Sentivistâ„? customers were already protected at the time of the Zotob worm discovery. Due to the quick turnaround time of NFR’s Rapid Response Team (RRT), the Sentivist intrusion prevention solution (IPS) was updated and able to provide preemptive attack protection capabilities for the Zotob exploit days before the worm was released. In addition, NFR Security was one of the first intrusion prevention vendors to provide this type of preemptive protection against the Zotob worm and its variants.

“This week’s quickly-spreading Zotob worm really underscores the shrinking window between vulnerability discovery and vulnerability exploit and the need for timely patching,” noted Andre Yee, president and CEO of NFR Security, Inc. “For unprotected networks, it’s unfortunate but very likely that the Zotob worm and its variants could cause severe damage. Our Sentivist customers, however, can have peace of mind knowing that our Rapid Response Team quickly identified and issued protection for this vulnerability days before the Zotob worm struck.”

On August 9, 2005, Microsoft issued a new security bulletin, MS05-039, which describes a critical Plug and Play (PnP) buffer overflow vulnerability in Windows 2000 machines that can be easily exploited. The Zotob worm, which has quickly propagated since Sunday of this week, exploits a programming error in the Plug and Play service which can present a remote attacker with the opportunity to overflow a fixed length buffer, execute code on the vulnerable system and escalate privileges on the host to the extent that they could take complete control of the affected machine.

NFR Security’s quick response to providing protection from this vulnerability allowed its customers to be protected prior to an exploit being developed, thus stopping the worm from causing damage and disruption to networks and systems. NFR Security’s RRT constantly monitors networks for new attacks on a 24×7 basis and develops signatures in response to make them immediately available to customers. The RRT consists of security experts and professionals whose one key mission is to identify new attack methods as soon as possible, day or night, 365 days a year.

More information on NFR Security’s protection capabilities for the Zotob worm and its variants can be found at:

About NFR Security, Inc.

NFR Security is the leading provider of network-based real time threat protection systems that secure business networks against the multi-faceted and sophisticated security threats of today. Uniquely combining its hybrid detection engine and Dynamic Shielding Architecture, NFR Security delivers highly accurate protection through inline prevention and automation against real time threats. NFR Security serve customers worldwide in corporate enterprises, government agencies, service providers and academic institutions through an extensive worldwide network of channel partners and direct sales. NFR Security is headquartered in Rockville, MD. Additional information about NFR Security can be found at or by calling 1-800-234-4079.

Don't miss