SAN JOSE, Calif. -- The security experts at Agnitum Ltd. today reassured business and personal users of Outpost Firewall Pro that the software already protects them from what the US Department of Homeland Security is calling "the worst bug of August."
Microsoft identified the highly-critical vulnerability in the Windows Server Service in Security Bulletin MS06-040, published Aug. 8, 2006.
Under the heading "Vulnerability in Server Service Could Allow Remote Code Execution," the Microsoft bulletin states that "An attacker who successfully exploited the vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."
Worms that exploit this vulnerability to gain access to users'
computers, then link them into a global "botnet" to send spam and steal personal information, have already appeared on the Internet. The US Department of Homeland Security publicly referred to this vulnerability as an "exploit for the worst bug of August on the loose" in its security report for August 11.
Agnitum's security experts are warning that this is likely only the first of many such threats, as was the case with the LoveSan and MSBlast worms in 2003. For more information, see the full assessment in the Security Advisory section of Agnitum's web site, http://www.agnitum.com/news/security_advisories/advisory15.php.
Outpost Firewall Pro users are protected against this particular vulnerability and other vulnerabilities that can hijack and take remote control of PCs running Windows. Outpost Firewall Pro prevents unknown or unauthorized programs from sending or receiving data over the Internet, thus blocking hackers from taking control of the system.
"Users who have installed Outpost Firewall Pro need not be concerned about this vulnerability," said Alexey Belkin, chief software architect at Agnitum. "Outpost's default settings ensure users can safely connect to the Internet, whether or not they have downloaded the latest updates
- although of course we do recommend that users install the latest Microsoft security updates as soon as possible."