Vendor Will Use RSA Conference 2006 to Introduce Its ShatterProof(TM)
Technology
SAN JOSE, Calif., Feb. 14 /PRNewswire/ -- RSA Conference --
DesktopStandard(R) Corporation today announced the release of PolicyMaker(TM)
Application Security (PMAS) 2.5 at the RSA Conference 2006 in San Jose, CA.
The release marks a major upgrade to the software solution that enables
network administrators to enforce the security principle of Least Privilege on
Windows desktops via Microsoft's Group Policy change and configuration
management system. Utilizing a new feature they have dubbed ShatterProof(TM),
PMAS 2.5 will now be the first product to prevent Windows Shatter Attacks.
Shatter Attacks are a class of widely recognized vulnerabilities that may
result in unauthorized privilege escalation. Many organizations are realizing
the critical importance of restricting the privileges of end-users. As more
organizations lock down their end-users, the desire of rogue users and malware
to escape these restrictions grows. This type of attack can come from an end-
user attempting to circumvent controls or from malware attempting to attack
the system. Since a Shatter Attack can allow an unprivileged user to gain full
control over a vulnerable computer, the likelihood of widespread exploitation
of these vulnerabilities is increasing.
"What makes a Shatter Attack so menacing is that there is currently no way
to patch the operating system to universally prevent such attacks. These
attacks can be carried out from a restricted user in a terminal environment,
gaining full access to the server, or can be used to install Trojan horses,
root kits and key loggers to gain network-wide administrator permissions,"
said DesktopStandard CTO Eric Voskuil. "Seemingly benign applications running
in an elevated context can expose a system to attack. Even popular antivirus
and administration products have been found to be vulnerable."
Because the Shatter Attack allows unauthorized privilege escalation, it
can be used in conjunction with other types of attacks, such as those that
allow for arbitrary code execution. The Windows Metafile Format (WMF)
vulnerability has recently been patched, yet new WMF vulnerabilities are
already being postulated. DesktopStandard's ShatterProof technology provides
isolation at the kernel level for processes operating at different levels of
privilege. This prevents the type of inter-process communication that enables
a Shatter Attack, preventing WMF and other exploits from compromising the
computer.
PMAS was the first product to make it possible to reduce or elevate
permissions on a per-application or per-task basis, removing longstanding
barriers to implementation of the security best practice of Least Privilege.
The latest version of PMAS 2.5 allows administrators to:
-- Inoculate computers against Shatter Attacks that might otherwise result
in unauthorized privilege escalation. This type of security threat
allows a restricted user process to gain complete control of a system.
The new ShatterProof feature protects computers by preventing messaging
between processes of different privilege levels.
-- Elevate the permission level for restricted users who are performing
selected authorized tasks or running applications that require higher
privileges than those to which the user is normally entitled. This
eliminates the need to raise each user's privilege levels for all
applications, which would expose the network to unnecessary risk.
-- Reduce the permission level for administrators working on applications
such as Internet Explorer and Microsoft Outlook. This avoids the use of
full administrative permissions for applications that do not have such
a need, and without the requirement to log out and then in as a
different user, use the Windows RunAs utility to work under a second
user account, or invoke other complicated procedures that reduce
productivity.
-- Allow restricted users to install approved ActiveX controls while
running Internet Explorer in their restricted user security context.
This feature makes restricted user scenarios much more practical, as
many organizations have extensive libraries of ActiveX controls or
allow use of such controls that install from approved third party sites
- including Adobe's Acrobat Reader for example.
-- Provide self-service software installation points for restricted users,
greatly reducing administrator workload in supporting unmanaged
software installation without compromising security. Many organizations
have libraries of software packages that end-users may elect to install
by simply browsing to them on a network location. This new feature
makes it a simple task to support secure elevated permissions
installation of such executable and Windows Installer packages.
Nick Duda, Senior Systems Administrator for VistaPrint, an online printing
service with over 5 million customers, explains, "As an online company,
VistaPrint call center employees often have a browser open and are exposed to
a host of spyware and malware programs. With PolicyMaker we have locked down
our users accounts and dramatically reduced malware on end-user machines and
the number of IT support requests. We now assign elevated privilege only to
specific applications. With restricted users we must take precautions against
privilege escalation attacks. We are excited to see PolicyMaker evolving ahead
of the threat. Shatter Attacks have been a looming threat - like many of the
other major attacks of the last few years - and we expect that widespread
attacks are just a matter of time."
The complete suite of PolicyMaker products offers a total of 24 extensions
to the Group Policy system that has been integrated with Active Directory
since the release of Windows 2000. These extensions complement the 11 native
extensions that ship with Windows. All PolicyMaker products seamlessly
integrate with Microsoft's Group Policy Management Console, including backup,
restore, import, copy, edit, and RSoP capabilities. PolicyMaker settings can
be targeted using any of 25 graphical filtering categories.
Pricing, Specifications and Availability
PolicyMaker Application Security 2.5 is available immediately from
DesktopStandard and authorized resellers. Pricing starts at $27 per seat for
enterprises with less than 1,000 computers, including one year of upgrade
assurance and technical support. PolicyMaker supports Windows 2000, XP and
2003 Server, Terminal Server, MetaFrame and all versions of Outlook, Office
and Internet Explorer.
About DesktopStandard Corporation
DesktopStandard Corporation is the leading developer of Group Policy-based
enterprise desktop management products. The company has more than 3,500
customers, more than 4 million desktops under management and a worldwide
network of integrators and resellers. DesktopStandard is a Microsoft Gold
Certified ISV.
DesktopStandard products have won many prestigious awards, including the
"Most Innovative Product of 2005" (Windows IT Pro Readers' Choice Awards),
"Most Valuable Product" (Redmond Magazine), "Best Product of 2005 - Policy
Management" (MSD2D People's Choice Security Award), and the "2004 Active
Directory Product of the Year" (SearchWin2000.com).
For more information, visit http://www.desktopstandard.com .
DesktopStandard, PolicyMaker and GPOVault are the trademarks or registered
trademarks of DesktopStandard Corporation. Other product and company names
herein may be trademarks of their registered owners.
SOURCE DesktopStandard(R) Corporation
 back to top
Related links:
http://www.desktopstandard.com
CONTACT:
Tony Keller of S&S Public Relations,
+1-719-634-8279, tony@sspr.com
|
