VUPEN Security Discovers Critical Vulnerabilities in Microsoft Software

October 15, 2010

Tools

PARIS--(BUSINESS WIRE)-- VUPEN Security, the world leader in vulnerability research and analysis, today announced that the VUPEN Vulnerability Research Team (VRT) has been working with Microsoft for six months to address twenty-one vulnerabilities discovered by VUPEN in major Microsoft software.

These critical security vulnerabilities, discovered in-house by VUPEN Security researchers and privately reported to Microsoft, have been fixed and disclosed as part of the Microsoft Security Bulletins MS10-079 and MS10-080. The flaws affect Microsoft Office 2010, Office 2008 for Mac, Office 2007, Office 2004, Office 2003 and Office XP, and could allow remote attackers or malware to take complete control of an affected system if a user opens a specially crafted Word or Excel document.

"It is the first time since the release of Microsoft Office 2010 suite that a vulnerability is discovered in this new edition of Office", said Chaouki Bekrar, VUPEN CEO and Head of Research. "With more than 250 vulnerabilities discovered this year by VUPEN in prominent software from Microsoft, Adobe, HP and Apple, VUPEN has become the world leader in vulnerability research".

VUPEN helps prominent software makers to protect their customers against critical vulnerabilities, and helps governments and intelligence agencies to protect national infrastructures and assets against cyber attacks and zero-day exploits.

VUPEN Threat Protection Program (TPP) aims to deliver exclusive research reports and attack detection guidance for undisclosed vulnerabilities discovered by VUPEN, providing timely, actionable information and guidance to help mitigate risks from zero-day vulnerabilities or exploits. This is a proactive approach to aid governments in making decisions in response to potential threats on a real-time basis and in advance of public disclosure, maintaining a secure environment while the affected vendor is working on a patch.

For more information visit: www.vupen.com

About VUPEN Security

VUPEN is a leading IT security research company providing vulnerability management and intelligence solutions which enable corporations and governments to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks.

Governmental and federal agencies, and corporations in the financial services, insurance, manufacturing and technology industries rely on VUPEN to improve their security, prioritize resources, cut time and costs, and stay ahead of the latest threats.

VUPEN customers include prominent worldwide corporations, governments, managed security service providers (MSSPs), as well as medium sized businesses.