The Latest FireEye News
Product and Solution Information, Press Releases, Announcements
|FireEye Uncovers Seven Zero-Day Vulnerabilities In First Half of 2013|
|Posted: Wed Jul 17, 2013 03:29:36 PM|
Next-Generation Threat Protection Company Identifies Vulnerabilities Exploited by High-Profile Advanced Attacks.
Milpitas, CA -- July 17, 2013 -- FireEye®, Inc., the leader in stopping today's new breed of cyber attacks, today announced that the company has discovered seven zero-day vulnerabilities during the first half of 2013. Each of the vulnerabilities uncovered by FireEye was exploited by advanced attacks across a number of applications, including Microsoft Internet Explorer, Adobe Flash, PDFs, Oracle, and Java, and highlight a growing trend of organizations seeing damage to their reputations and critical infrastructure due to highly publicized zero-day threats.
“The consistent discovery of flaws by FireEye demonstrates the power of our virtual-machine technology and the caliber of our research group,” said Zheng Bu, senior director of research. “Our Multi-Vector Virtual Execution™ (MVX) engine offers a new and more sophisticated approach toward threat protection that can verify the existence and root cause of exploits before they are able to cause catastrophic damage.”
Zero-day flaws are especially dangerous because of their ability to evade detection from traditional and next-generation firewalls, intrusion prevention systems, anti-virus, and Web gateways, leaving gaping holes in network defenses. As a result, the potential for loss and theft of customer information, intellectual property, and confidential information increases.
The FireEye platform provides real-time analysis of advanced malware in a controlled environment and uses multi-vector and multi-flow virtual execution to detect next-generation threats that would otherwise go undiscovered.
“The newest generation of cybercriminals are persistent, exploiting zero-day vulnerabilities that often leave security experts unaware of the holes in their networks until the damage has already been done,” said Ashar Aziz, FireEye founder and CTO. “To fill in the gap in network defenses, the FireEye technology is able to monitor both inbound and outbound attacks, identifying and blocking the activities of today’s most advanced cyber attacks.”
The seven zero-day flaws discovered by FireEye this year are: