Palo Alto Networks Discovers Critical Vulnerabilities Addressed in Today's Microsoft Security Bulletin

New Potential Security Threats Will Impact Popular Media Apps

Jun 08, 2010, 14:39 ET from Palo Alto Networks

SUNNYVALE, Calif., June 8 /PRNewswire/ -- Palo Alto Networks™, the network security company, today announced that its Application and Threat Research Team discovered two of the critical vulnerabilities in the June Microsoft Security Bulletin published today. Vulnerable systems are susceptible to an attacker taking complete control of them through commonly used media applications.

Microsoft credits Palo Alto Networks' Application and Threat Research Team for finding two remote code execution vulnerabilities that exist in the way the Microsoft Windows handles media files. This vulnerability could allow remote code execution if a user opened a specially crafted media file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs, view, change or delete data, or create new accounts with full user rights.

To view these vulnerabilities as standard entries in the Common Vulnerabilities and Exposures list, see CVE-2010-1879 and CVE-2010-1880.

The Palo Alto Networks Application and Threat Research Team is active in the research community, aggressively pursuing both new vulnerability research and mitigation of all types of threats. Leveraging its expert understanding of today's applications, threats and how vulnerabilities get exploited, the team is a consistent contributor in support of Microsoft's Patch Tuesday releases, including discovering nine Microsoft vulnerabilities in the past 12 months.

Palo Alto Networks' next-generation firewall provides policy-based visibility and control over applications, users and content. Using this technology, enterprises can accurately identify and control applications, scan content to stop threats, and prevent data leakage – all with a single network device. By reducing the number of security devices in their networks, companies can save both capital expenditures and operational costs.

Information on more than 1,000 applications that are identified by Palo Alto Networks can be found in Applipedia, part of the company's Application and Threat Research Center. Visit the online resource to find the latest news, commentary, and discoveries on applications and threats at

About Palo Alto Networks

Palo Alto Networks™ is the network security company.  Its next-generation firewalls enable unprecedented visibility and granular policy control of applications and content – by user, not just IP address – at up to 10Gbps with no performance degradation. Based on patent-pending App-ID™ technology, Palo Alto Networks firewalls accurately identify and control applications – regardless of port, protocol, evasive tactic or SSL encryption – and scan content to stop threats and prevent data leakage. Enterprises can for the first time embrace Web 2.0 and maintain complete visibility and control, while significantly reducing total cost of ownership through device consolidation. For more information, please visit

Palo Alto Networks, "The Network Security Company," the Palo Alto Networks Logo and App-ID are trademarks of Palo Alto Networks, Inc. in the United States. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.

SOURCE Palo Alto Networks