A new company called ZeroVulnerabilityLabs says that it has solved the Gordian knot of exploits, slicing through the complicated, Hydra-headed problem with a single stroke from a software weapon it calls ExploitShield. Available exclusively today from Download.com, the first ExploitShield Browser Edition beta (download) appears to stop all manner of exploits, from those affecting browsers to browser plug-ins like PDF readers directly, Flash, and Java, to Microsoft Office components, to a handful of media players. The potential for raising the known level of computer security here is huge, as a vast number of threats are mutations of malware actually, sold in kits like BlackHole, exploiting the same security holes in the same security programs. The Windows-only ExploitShield is freeware for individuals and non-profits, part of ZeroVulnerabilityLabs' attempt to prove that the technology is so important that it's worth giving away. The company is working on a qualified version for businesses, although they don't have a timeline for its release yet. Software exploits have long been a thorny software problem, hard to prevent because of source code complexity. For some notorious software, such as Java, Flash, and QuickTime, it can sometimes seem to be as though two exploits crop up for every the one which gets patched. A panacea that cures all exploits, even kinds that have yet to be used to breach a scheduled program, sounds too good to be true. Featured Freeware: FreeRip read more. Harry Potter 7. Several Windows security suites have promised to block browser exploits, with Kaspersky's 2013 Automatic Exploit Prevention feature to be among the strongest offered, but that will set you back $60 retail. In conditions of features, ZeroVulnerabilityLabs plans on following in the footsteps of other free security programs that offer a paid upgrade. The free version of ExploitShield includes protection against drive-by downloads only, a powerful protection tool, as well as protection against attacks based on document file media and formats file formats. The company hopes to attracts businesses to the corporate upgrade by offering those features, and protection against DLL memory injection attacks, shield management for network deployment, quarantine management, and a centralized reporting portal. ExploitShield is Silicon Valley's ZeroVulnerabilityLabs' first release. It's been in development for the past 12 months, according to its two co-founders, both of whom are experienced security researchers. Pedro Bustamante has more than 20 years' experience as a security researcher; the other co-founder is David Sanchez Lavado, a former employee of the security firm S21Sec and Panda Security, and ZeroVulnerabilityLabs' Chief Technical Officer. Ninety-five percent of successful exploits are Java- or PDF-based," said Bustamante in a meeting at CNET's San Francisco offices last June. ExploitShield protects against exploit-delivered malicious payload," he said. Because of the potentially implications of a freeware exploit-blocker that protects most major software, CNET insisted on permission from ZeroVulnerabilityLabs to hand off ExploitShield to independent experts to evaluate its efficacy. Мазь Тетрациклиновая 3 Инструкция. There are a ton of important and unanswered questions here, but that's a good thing. This could be a strong emerging player that establishes a niche market. I'll be watching them for sure," he said. Bustamante was reticent to describe how ExploitShield works, but did offer some insight in an e-mail. It is not blacklisting, not whitelisting, and not sandboxing. We call it 'application shielding,' and it's basically a pro-active way of avoiding vulnerability exploits. skyresurs. It blocks 100 percent of the exploits it protects against, 100 percent of the time. I think it's a new type of security software category, i.e., 'anti-exploits'," he said. ZeroVulnerabilityLabs is making some heady claims with ExploitShield that so far appear to be supported by my everyday utilization of the software. Bustamante said in a subsequent e-mail to CNET that, "this is not an intrusive security technology like antivirus, whitelisting, or sandboxing. Bustamante explained that currently known exploit methods against Microsoft's EMET and 32-bit based ASLR, such as ROP and anti-anti-ROP exploits, are blocked by ExploitShield. At least on the counts of performance and stability, I have not noticed any appreciable distinctions in browser behavior. Bustamante did caution, however, that since ExploitShield is in beta, those problems could crop up still. Adam J. O'Donnell, Chief Architect for the Cloud Technology Group at Sourcefire, said that the community of security specialists will be curious about how ExploitShield works. Once the thing is put up for download, everyone shall be reversing it, " he wrote to CNET in an e-mail earlier this week, after looking at ExploitShield. Музыка Танцевальная Драйв 2014 Зарубежная Торрент. He also vouched for Bustamante's reputation, no small matter in the world of computer security. Grossman agreed that ExploitShield could have far-reaching implications. If this works as advertised, [it] sounds like they could have something very special here. Fly High 2 Учебник. zavodpainting. The concept and value proposition sounds pretty good, in a corporate environment especially," he said.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |