McAfee Offers Protection Against MS Vulnerabilities

McAfee has announced that it provides coverage for the four security vulnerabilities disclosed by Microsoft. These vulnerabilities have been reviewed by McAfee Avert Labs, and based on their findings, McAfee recommends that users confirm the Microsoft product versioning outlined in the bulletins and update as recommended by Microsoft and McAfee. This includes deploying solutions to ensure protection against the vulnerabilities outlined in this advisory.

Microsoft vulnerabilities overview include MS07-051 - vulnerability in Microsoft Agent could allow remote code execution; MS07-052 - vulnerability in Crystal Reports for Visual Studio could allow remote code execution; MS07-053 - vulnerability in Windows Services for Unix could allow elevation of privilege; and MS07-054 - vulnerability in MSN Messenger and Windows Live Messenger could allow remote code execution.

The four security bulletins cover a total of four vulnerabilities. One of the bulletins is rated critical by Microsoft due to the potential for remote code execution. The three remaining bulletins are deemed important.

With McAfee’s Security Risk Management approach, customers can address business priorities and security realities. Out of the box, Host IPS claims to protect against buffer overflow exploits. McAfee Host IPS and McAfee Entercept protect users against code execution that may result from common classes of exploits targeted at the buffer overflow/overrun vulnerabilities in Microsoft Agent.

The McAfee Vulnerability Shield package for McAfee Host IPS customers claims to provide specific protection against common classes of exploits targeted at the vulnerabilities in Microsoft Agent and Windows Services for Unix.

The McAfee System Compliance Profiler, a component of McAfee ePolicy Orchestrator, is being updated for the newly disclosed vulnerabilities in Microsoft Agent, Crystal Reports for Visual Studio, Windows Services for Unix and MSN Messenger and Windows Live Messenger to quickly assess compliance levels of the security patches announced.