SUNNYVALE, Calif., June 25 /PRNewswire-FirstCall/ -- Blue Coat(TM)
Systems, Inc. (Nasdaq: BCSI), a leading provider of proxy appliances, today
announced that its ProxySG(TM) and ProxyAV(TM) appliances safeguard
organizations from threats exploiting the recently discovered HTTP Redirect
Vulnerability in Microsoft Internet Explorer (IE), including the JS/Scob
Trojan. This widespread vulnerability can allow hackers to take control of
desktop computers and extract confidential information from corporate systems.
A vulnerability has been discovered in Microsoft's Internet Explorer,
which fails to assess the security attributes of a Web page being served by an
infected Web server. This vulnerability allows an attacker to execute code
within the "Local Machine Zone" security domain on desktop computers (a
security setting treated with a high-level of trust because it assumes only
content on the user's machine is being accessed). The vulnerability is
currently being exploited by the JS/Scob Trojan, also known as Download.Ject,
which communicates from infected desktop computers to a malicious Web server.
It then downloads spyware that can transmit confidential information, such as
financial data and passwords, to the malicious source outside the network.
Future variants could download other types of malicious code.
Blue Coat proxy appliances are designed to provide a secure layer between
users on the network and the Web. Using Blue Coat, organizations can
safeguard against threats that exploit vulnerabilities in IE Web browsers.
Blue Coat's solution is uniquely capable of mitigating this IE vulnerability,
and preventing a Web server from loading malicious code on a desktop computer,
because of its comprehensive visibility and control over the Web channel.
Blue Coat provides protection on multiple layers:
1. Blue Coat's ProxySG appliances are capable of reviewing all incoming
response headers for location requests, and blocking those that are invalid.
2. The ProxySG directs Web content susceptible to virus infection to the
ProxyAV appliance, where the JS/Scob remote access Trojan can be detected and
deleted. This provides a signature-based layer that complements the ProxySG's
3. The ProxySG acts as a "middle-man" between users on the network and
Internet to terminate any unauthorized attempted communication of confidential
information. This further mitigates risks if the Trojan already exists on any
4. The ProxySG also supports blocking by "user-agent type" to restrict the
use of browser versions that are subject to this vulnerability.
5. As an added measure, the ProxySG appliance enables administrators to
explicitly block known Web sites or files that contain malicious code.
Blue Coat recommends that customers reference the Technical Brief titled
"Addressing IE Vulnerabilities" located at
http://www.bluecoat.com/resources/resourcedocs/techbriefs.html for more
instructions on configuring its ProxySG appliances to avert the threats posed
by IE vulnerabilities. Those interested in learning more about the benefits
of proxy appliances should also visit http://www.bluecoat.com for information.
About Blue Coat Systems
Blue Coat enables organizations to keep "good" employees from doing "bad"
things on the Internet. Blue Coat wire-speed proxy appliances provide
visibility and control of Web communications to address today's new business
risks -- such as inappropriate Web surfing, viruses brought in via back door
channels such as instant messaging and Web-based email, and network resource
abuse due to peer-to-peer (P2P) file sharing and video streaming. Trusted by
many of the world's most influential organizations, Blue Coat has shipped more
than 18,000 proxy appliances. Blue Coat is headquartered in Sunnyvale,
California, and can be reached at 408-220-2200 or www.bluecoat.com.
FORWARD LOOKING STATEMENTS: The statements contained in this press
release that are not purely historical are forward-looking statements,
including statements regarding Blue Coat Systems' expectations, beliefs,
intentions or strategies regarding the future, including the capabilities of
the ProxySG and ProxyAV. All forward-looking statements included in this press
release are based upon information available to Blue Coat Systems as of the
date hereof, and Blue Coat Systems assumes no obligation to update any such
forward-looking statements. Forward-looking statements involve risks and
uncertainties, which could cause actual results to differ materially from
those projected. These and other risks relating to Blue Coat Systems' business
are set forth in Blue Coat Systems' most recently filed Form 10-Q for the
quarter ended January 31, 2004, and other reports filed from time to time with
the Securities and Exchange Commission.
NOTE: All trademarks, trade names or service marks used or mentioned
herein belong to their respective owners.
SOURCE Blue Coat Systems, Inc.